www.geckoandfly.com Open in urlscan Pro
205.186.140.181 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/
Submission Tags: falconsandbox
Submission: On May 05 via api (May 5th 2021, 2:53:52 am UTC) from US

Summary HTTP 109 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 10 domains to perform 109 HTTP transactions. The main IP is 205.186.140.181, located in Ashburn, United States and belongs to GO-DADDY-COM-LLC, US. The main domain is www.geckoandfly.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on September 7th 2020. Valid for: a year.

This is the only time www.geckoandfly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	205.186.140.181 205.186.140.181	398110 (GO-DADDY-...) (GO-DADDY-COM-LLC)
2	2600:9000:210... 2600:9000:2104:9e00:10:e7af:5bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:210... 2600:9000:2104:5000:10:e7af:5bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:210... 2600:9000:2104:3800:10:e7af:5bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
109	19

2 205.186.140.181 (Ashburn, United States)

ASN398110 (GO-DADDY-COM-LLC, US)
PTR: new-geckoandfly.com

www.geckoandfly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:9e00:10:e7af:5bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn4.geckoandfly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2104:5000:10:e7af:5bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.geckoandfly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:3800:10:e7af:5bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn3.geckoandfly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	619 KB
24	doubleclick.net googleads.g.doubleclick.net	71 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	637 KB
9	geckoandfly.com www.geckoandfly.com cdn4.geckoandfly.com cdn.geckoandfly.com cdn3.geckoandfly.com	192 KB
7	google.com 2 redirects www.google.com adservice.google.com	17 KB
4	googletagservices.com www.googletagservices.com	133 KB
4	googleapis.com fonts.googleapis.com	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	643 B
109	10

	Domain	Requested by
37	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com www.geckoandfly.com pagead2.googlesyndication.com
24	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	www.geckoandfly.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	www.google.com	2 redirects www.geckoandfly.com www.gstatic.com www.google.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.googleapis.com	www.geckoandfly.com googleads.g.doubleclick.net tpc.googlesyndication.com
3	cdn.geckoandfly.com	www.geckoandfly.com
2	www.google-analytics.com	www.geckoandfly.com www.google-analytics.com
2	cdn3.geckoandfly.com	www.geckoandfly.com
2	cdn4.geckoandfly.com	www.geckoandfly.com
2	www.geckoandfly.com	www.geckoandfly.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
109	16

This site contains links to these domains. Also see Links.

Domain
opentip.kaspersky.com
vms.drweb.com
www.virustotal.com
metadefender.opswat.com
virusscan.jotti.org
cdn3.geckoandfly.com
www.virscan.org
www.avira.com
www.fortiguard.com
www.hybrid-analysis.com
lab.bitbaan.com
cdn4.geckoandfly.com
adssettings.google.com

Subject Issuer	Validity	Valid
geckoandfly.com Starfield Secure Certificate Authority - G2	`2020-09-07` - `2021-09-11`	a year	crt.sh
*.geckoandfly.com Amazon	`2020-07-20` - `2021-08-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/
Frame ID: 8BF5C1DC3EC158354DB5EEDE7C6A1449
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/zrt_lookup.html
Frame ID: 6D0579835B5369FF906797548EEAFCC4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&adk=1812271804&adf=3025194257&lmt=1620174270&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214159&bpp=18&bdt=148&idt=146&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8287576180829&frm=20&pv=2&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=167
Frame ID: 1AC22006987F4B6BAEDEA3E0CC63B801
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=1200&slotname=5202255149&adk=2229249676&adf=778943601&pi=t.ma~as.5202255149&w=336&lmt=1620174270&rafmt=12&psa=0&format=336x1200&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214177&bpp=4&bdt=167&idt=155&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GCQr5DRu6P&p=https%3A//www.geckoandfly.com&dtd=161
Frame ID: B1DBFD98C3C202339F654A73742338BB
Requests: 38 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcoZ8YUAAAAAGKclqKwgKzdXIYjZiIk_SyPAvKQ&co=aHR0cHM6Ly93d3cuZ2Vja29hbmRmbHkuY29tOjQ0Mw..&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&badge=inline&cb=hieybsg8k36
Frame ID: 3F3882641CD60498E34957921C3FFFC1
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8854765944&adk=2959679708&adf=1803752272&pi=t.ma~as.8854765944&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214193&bpp=6&bdt=183&idt=166&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mVeLGywUOu&p=https%3A//www.geckoandfly.com&dtd=170
Frame ID: 03519071E7CE9AC8E0D85CA0B7696022
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8761042340&adk=3902064357&adf=2098949634&pi=t.ma~as.8761042340&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214200&bpp=6&bdt=190&idt=168&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200%2C336x280&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=nCiRTCJzea&p=https%3A//www.geckoandfly.com&dtd=172
Frame ID: F3441E4F58D8081F205B205C6E0CC620
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js
Frame ID: A12DABDA29174FB8B8A917D33A1CD900
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html
Frame ID: 6B529DA3E5EAD5CC1E953F95E7B66AA7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 17AF6C04D29B680CF2AEB7FAD34B55C7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html
Frame ID: E7CC8F2650AE2667CE1CE450543ED329
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 426A3E835768B2DF53C548DCAFD670BF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 1A6EED21221FFF2D94B0BF06C7B85E9B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

109
Requests

100 %
HTTPS

89 %
IPv6

10
Domains

16
Subdomains

19
IPs

2
Countries

1692 kB
Transfer

3452 kB
Size

7
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://opentip.kaspersky.com/
Title: Kaspersky VirusDesk

Search URL Search Domain Scan URL

URL: https://vms.drweb.com/online/?lng=en
Title: Dr.Web Link Checker

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/
Title: VirusTotal

Search URL Search Domain Scan URL

URL: https://metadefender.opswat.com/#!/
Title: MetaDefender Cloud

Search URL Search Domain Scan URL

URL: https://virusscan.jotti.org/
Title: Jotti’s Malware Scan

Search URL Search Domain Scan URL

URL: https://cdn3.geckoandfly.com/wp-content/uploads/2020/01/jotti-multi-antivirus-scanner-online.jpg
Title: <img src="https://cdn4.geckoandfly.com/wp-content/uploads/2020/01/jotti-multi-antivirus-scanner-online-830x360.jpg" alt="Jotti's Malware Scan" width="830" height="360" class="alignnone size-large wp-image-34585" srcset="https://cdn3.geckoandfly.com/wp-content/uploads/2020/01/jotti-multi-antivirus-scanner-online-830x360.jpg 830w, https://cdn3.geckoandfly.com/wp-content/uploads/2020/01/jotti-multi-antivirus-scanner-online-600x260.jpg 600w, https://cdn3.geckoandfly.com/wp-content/uploads/2020/01/jotti-multi-antivirus-scanner-online-768x333.jpg 768w, https://cdn3.geckoandfly.com/wp-content/uploads/2020/01/jotti-multi-antivirus-scanner-online.jpg 1185w" sizes="(max-width: 830px) 100vw, 830px" />

Search URL Search Domain Scan URL

URL: https://www.virscan.org/
Title: VirSCAN

Search URL Search Domain Scan URL

URL: https://www.avira.com/en/analysis/submit
Title: Avira

Search URL Search Domain Scan URL

URL: https://www.fortiguard.com/faq/onlinescanner
Title: FortiGuard Online Scanner

Search URL Search Domain Scan URL

URL: https://www.hybrid-analysis.com/
Title: Hybrid Analysis

Search URL Search Domain Scan URL

URL: https://cdn3.geckoandfly.com/wp-content/uploads/2020/01/hybrid-analysis-multi-antivirus.jpg
Title: <img src="https://cdn4.geckoandfly.com/wp-content/uploads/2020/01/hybrid-analysis-multi-antivirus-830x506.jpg" alt="Hybrid Analysis" width="830" height="506" class="alignnone size-large wp-image-34586" srcset="https://cdn2.geckoandfly.com/wp-content/uploads/2020/01/hybrid-analysis-multi-antivirus-830x506.jpg 830w, https://cdn2.geckoandfly.com/wp-content/uploads/2020/01/hybrid-analysis-multi-antivirus-600x366.jpg 600w, https://cdn2.geckoandfly.com/wp-content/uploads/2020/01/hybrid-analysis-multi-antivirus-768x468.jpg 768w, https://cdn2.geckoandfly.com/wp-content/uploads/2020/01/hybrid-analysis-multi-antivirus.jpg 1392w" sizes="(max-width: 830px) 100vw, 830px" />

Search URL Search Domain Scan URL

URL: https://lab.bitbaan.com/home
Title: BitBaan MALab

Search URL Search Domain Scan URL

URL: https://cdn4.geckoandfly.com/wp-content/uploads/2020/01/bitbaan-malab-antivirus.jpg
Title: <img src="https://cdn4.geckoandfly.com/wp-content/uploads/2020/01/bitbaan-malab-antivirus-830x506.jpg" alt="BitBaan MALab" width="830" height="506" class="alignnone size-large wp-image-34587" srcset="https://cdn.geckoandfly.com/wp-content/uploads/2020/01/bitbaan-malab-antivirus-830x506.jpg 830w, https://cdn.geckoandfly.com/wp-content/uploads/2020/01/bitbaan-malab-antivirus-600x366.jpg 600w, https://cdn.geckoandfly.com/wp-content/uploads/2020/01/bitbaan-malab-antivirus-768x468.jpg 768w, https://cdn.geckoandfly.com/wp-content/uploads/2020/01/bitbaan-malab-antivirus.jpg 1392w" sizes="(max-width: 830px) 100vw, 830px" />

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/
Title: visit this link to opt out.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 99

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

109 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/ 101 KB
19 KB 643ms
142ms Document
text/html 205.186.140.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

205.186.140.181 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),

Reverse DNS

new-geckoandfly.com

Software

nginx / PleskLin

Resource Hash

27c9511f584288aa1b4c7db05df3470d481bf427e88447e8ce60d66196fb781a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.geckoandfly.com
:scheme: https
:path: /7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Wed, 05 May 2021 02:53:33 GMT
content-type: text/html; charset=UTF-8
content-length: 18659
last-modified: Wed, 05 May 2021 00:24:30 GMT
accept-ranges: bytes
cache-control: max-age=86400, must-revalidate
expires: Wed, 05 May 2021 02:53:36 GMT
vary: Accept-Encoding,Cookie
content-encoding: gzip
x-powered-by: PleskLin
link: <https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/>; rel="canonical"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 lazy_placeholder.gif
cdn4.geckoandfly.com/wp-content/themes/billboard/images/ 42 B
443 B 74ms
14ms Image
image/gif 2600:9000:2104:9e00:10:e7af:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.geckoandfly.com/wp-content/themes/billboard/images/lazy_placeholder.gif
Requested by: Host: www.geckoandfly.com
URL: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:9e00:10:e7af:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 06 Mar 2021 06:50:54 GMT
via: 1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront)
last-modified: Wed, 11 Dec 2019 07:40:43 GMT
server: nginx
age: 5169760
etag: "5df09d7b-2a"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 42
x-amz-cf-id: S9bC7W2syNdcx0veKjnpSYaLvdtYdgixz0gZc2EDqNfNxArdRCnalA==
expires: Sun, 06 Mar 2022 06:50:54 GMT

GET
H2 200 styles_thumbnails.css.php
www.geckoandfly.com/wp-content/plugins/yet-another-related-posts-plugin/includes/ 1 KB
783 B 134ms
133ms Stylesheet
text/css 205.186.140.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geckoandfly.com/wp-content/plugins/yet-another-related-posts-plugin/includes/styles_thumbnails.css.php?width=120&height=120&ver=5.1.3

Requested by

Host: www.geckoandfly.com
URL: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

205.186.140.181 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),

Reverse DNS

new-geckoandfly.com

Software

nginx / PHP/7.4.16 PleskLin

Resource Hash

36b54975d792cc7183bf51b802bf446e417d12ecc426a520439b6841686280bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/yet-another-related-posts-plugin/includes/styles_thumbnails.css.php?width=120&height=120&ver=5.1.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.geckoandfly.com
referer: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:53:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx
link: <https://www.geckoandfly.com/wp-content/plugins/yet-another-related-posts-plugin/includes/styles_thumbnails.css.php?width=120&height=120&ver=5.1.3>; rel="canonical"
x-powered-by: PHP/7.4.16 PleskLin
x-frame-options: sameorigin
content-type: text/css;charset=UTF-8
cache-control: public, max-age=604800
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 12 May 2021 02:53:34 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.geckoandfly.com
URL: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96d89386947fe4d0796ba1d3ef64465c947b19a46b307531b3d74985ac9374ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47846
x-xss-protection: 0
server: cafe
etag: 17853538716175550935
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
644 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: www.geckoandfly.com
URL: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 May 2021 01:52:58 GMT
server: ESF
date: Wed, 05 May 2021 02:53:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H2 200 autoptimize_5b29e1aad0fb1c034bb17b535792c28e.css
cdn.geckoandfly.com/wp-content/cache/autoptimize/css/ 23 KB
7 KB 72ms
13ms Stylesheet
text/css 2600:9000:2104:5000:10:e7af:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.geckoandfly.com/wp-content/cache/autoptimize/css/autoptimize_5b29e1aad0fb1c034bb17b535792c28e.css
Requested by: Host: www.geckoandfly.com
URL: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:5000:10:e7af:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bcd31ba352ee949e9f574863142c1280832cbc2a79992eb06affc6dcf2850f6e

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 17:31:29 GMT
content-encoding: gzip
age: 1416125
x-cache: Hit from cloudfront
pragma: public
last-modified: Sun, 18 Apr 2021 17:31:28 GMT
server: nginx
etag: W/"607c6cf0-5ce9"
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public, no-transform
x-amz-cf-pop: AMS1-C1
x-robots-tag: noindex
x-amz-cf-id: 3zrtzfRVq1KW__MT-PFQ-wJO8W4EcWAETlG2D6tAkMGmVMZV1KgYsw==
expires: Tue, 18 May 2021 17:31:29 GMT

GET
H2 200 logo-new.jpg
cdn3.geckoandfly.com/wp-content/themes/billboard/images/ 26 KB
26 KB 68ms
15ms Image
image/jpeg 2600:9000:2104:3800:10:e7af:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.geckoandfly.com/wp-content/themes/billboard/images/logo-new.jpg
Requested by: Host: www.geckoandfly.com
URL: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:3800:10:e7af:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 93a781cbfc27a55c96bd19ce72de068f71b486ce76244b5ffa6575c2e5fcf6bd

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 06 Feb 2021 19:32:31 GMT
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
last-modified: Wed, 11 Dec 2019 05:32:51 GMT
server: nginx
age: 7543263
etag: "5df07f83-679d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 26525
x-amz-cf-id: LeQgtdTVYAX6rqGdNZ8zMrYh1ZM0JlZgtc4P5-P3wbkJAVUtOah7wA==
expires: Sun, 06 Feb 2022 19:32:31 GMT

GET
H2 200 lazysizes.min.js Show response
cdn.geckoandfly.com/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
4 KB 14ms
13ms Script
application/javascript 2600:9000:2104:5000:10:e7af:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.geckoandfly.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.8.4
Requested by: Host: www.geckoandfly.com
URL: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:5000:10:e7af:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 09:37:40 GMT
content-encoding: gzip
age: 1962954
x-cache: Hit from cloudfront
pragma: public
last-modified: Sun, 04 Apr 2021 05:41:20 GMT
server: nginx
etag: W/"60695180-2655"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public, no-transform
x-amz-cf-pop: AMS1-C1
x-robots-tag: noindex
x-amz-cf-id: kvMqYXy9ea3qyeIhp4Qq8udOVbz3wNZIo4pGLp_lOp8KU5o_6IviWA==
expires: Wed, 12 May 2021 09:37:40 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 919 B
672 B 17ms
16ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Requested by

Host: www.geckoandfly.com
URL: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0f6200558978509a1b16be45564b08cbebffbde560c03beda257bd2d3fb3a3c9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H2 200 autoptimize_6e52386625383bbdc406ce3499a23785.js Show response
cdn.geckoandfly.com/wp-content/cache/autoptimize/js/ 117 KB
39 KB 14ms
13ms Script
application/javascript 2600:9000:2104:5000:10:e7af:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.geckoandfly.com/wp-content/cache/autoptimize/js/autoptimize_6e52386625383bbdc406ce3499a23785.js
Requested by: Host: www.geckoandfly.com
URL: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:5000:10:e7af:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 83d6ac928141210c62ebd17aec46cd982c50898a4427f6a1e925114a6e93b513

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 12:59:08 GMT
content-encoding: gzip
age: 1691666
x-cache: Hit from cloudfront
pragma: public
last-modified: Thu, 15 Apr 2021 12:59:08 GMT
server: nginx
etag: W/"6078389c-1d256"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public, no-transform
x-amz-cf-pop: AMS1-C1
x-robots-tag: noindex
x-amz-cf-id: JQW5CCkdNgMM01FwySRTtpvo5oUwgt6ewSbMWqHWbSJ07UXZF6ATVA==
expires: Sat, 15 May 2021 12:59:08 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ec8760e3452447e02fb4391656744f03643b539ba1531139457b69bd56736a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202104300101/ 223 KB
82 KB 49ms
36ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202104300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8729195058859236&plah=www.geckoandfly.com&amaexp=1&bust=exp%3D31060975

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3f8a7db89d0b2f94c3095498cad3ff335d71a546d130b075fd58274a7c6b067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84370
x-xss-protection: 0
server: cafe
etag: 13977240396788339960
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.geckoandfly.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 522602
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 29 Apr 2022 01:43:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/ Frame 6D05 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210429/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.geckoandfly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.geckoandfly.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 05 May 2021 02:53:05 GMT
expires: Wed, 19 May 2021 02:53:05 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 29
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcbffb31bdd8ed9a4c70d24a32b89ccd95871b0c0d6e25ef07a3a0e3958f65d9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63c00c30ef9f41ae2192dea0eab02538eb79c053804c7f4bd062f17258fd3026

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60c989db643f7e301909f43494b1a284f3320dd6198aba68ee0756aa7b168de3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83d02bbc2f57e3291fcd6984f409cfd8a5d758428870fdcd44b849e416154d3e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2079ac533041003933aeedca897db1a58a97fdf49cab0537e0ee4f067dad2e31

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52750da96e88f2e665573331357cfc535820bb7fa442738d2338759830853100

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 075ee2a733b24063dc92d8357277a93c1ec52db9a2d5b90c940295f772e451f7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.geckoandfly.com
URL: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2063
date: Wed, 05 May 2021 02:19:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 05 May 2021 04:19:11 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ 335 KB
131 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b9a7ec563b4bbcbe8812d7ea1f6464bb17769fb31df55c123e413a3a7e41705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.geckoandfly.com
Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 18:36:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29843
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134200
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 04:03:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 May 2022 18:36:11 GMT

GET
H2 200 kaspersky-virusdesk.jpg
cdn4.geckoandfly.com/wp-content/uploads/2019/05/ 82 KB
83 KB 39ms
38ms Image
image/jpeg 2600:9000:2104:9e00:10:e7af:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.geckoandfly.com/wp-content/uploads/2019/05/kaspersky-virusdesk.jpg
Requested by: Host: www.geckoandfly.com
URL: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:9e00:10:e7af:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a0a9854412a2f38a20b754657fd8ba6f96b8fab9142f245c2193d03c6bc17591

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jan 2021 15:41:54 GMT
via: 1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront)
last-modified: Thu, 06 Jun 2019 04:56:55 GMT
server: nginx
age: 8075500
etag: "5cf89d17-149c6"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 84422
x-amz-cf-id: elBhC3cBpZPNOoGkdjyyPr1eQ8HyPl1Bje83BN5xA45MVrHwACBrPQ==
expires: Mon, 31 Jan 2022 15:41:54 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=663102928&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&ul=en-us&de=UTF-8&dt=10%20Online%20File%20%26%20URL%20Antivirus%20Scanners%20With%20Multiple%20Engines&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=910926590&gjid=1723729902&cid=585191448.1620183214&tid=UA-73116-2&_gid=1653458700.1620183214&_r=1&_slc=1&z=1204156560

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 May 2021 02:53:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geckoandfly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
643 B 153ms
54ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.geckoandfly.com&callback=_gfp_s_&client=ca-pub-8729195058859236

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202104300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8729195058859236&plah=www.geckoandfly.com&amaexp=1&bust=exp%3D31060975

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

45c3625b339479105bc0fa5dad0cf5b1ba8dc3b9b3c881576a4d63c2aaf76112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.geckoandfly.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 02:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.geckoandfly.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 02:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1AC2 54 B
56 B 84ms
82ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&adk=1812271804&adf=3025194257&lmt=1620174270&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214159&bpp=18&bdt=148&idt=146&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8287576180829&frm=20&pv=2&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=167

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8729195058859236&output=html&adk=1812271804&adf=3025194257&lmt=1620174270&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214159&bpp=18&bdt=148&idt=146&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8287576180829&frm=20&pv=2&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=167
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.geckoandfly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.geckoandfly.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 05 May 2021 02:53:34 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-May-2021 03:08:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 05 May 2021 02:53:34 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056503243602"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B1DB 147 KB
26 KB 189ms
188ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=1200&slotname=5202255149&adk=2229249676&adf=778943601&pi=t.ma~as.5202255149&w=336&lmt=1620174270&rafmt=12&psa=0&format=336x1200&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214177&bpp=4&bdt=167&idt=155&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GCQr5DRu6P&p=https%3A//www.geckoandfly.com&dtd=161

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f5699ad1028debf294e74f07eca72cc668a6223f50ac94802513883fb789c02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8729195058859236&output=html&h=1200&slotname=5202255149&adk=2229249676&adf=778943601&pi=t.ma~as.5202255149&w=336&lmt=1620174270&rafmt=12&psa=0&format=336x1200&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214177&bpp=4&bdt=167&idt=155&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GCQr5DRu6P&p=https%3A//www.geckoandfly.com&dtd=161
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.geckoandfly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.geckoandfly.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 05 May 2021 02:53:34 GMT
server: cafe
content-length: 26390
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-May-2021 03:08:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 05 May 2021 02:53:34 GMT
cache-control: private

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3F38 19 KB
10 KB 33ms
31ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcoZ8YUAAAAAGKclqKwgKzdXIYjZiIk_SyPAvKQ&co=aHR0cHM6Ly93d3cuZ2Vja29hbmRmbHkuY29tOjQ0Mw..&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&badge=inline&cb=hieybsg8k36

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

560420cd0433d58df730d65f6d16a4a51b3a1f10d027fa50ba7eca5afc4a1826

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-maF7OoQENFE6QyZ6hBC1HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcoZ8YUAAAAAGKclqKwgKzdXIYjZiIk_SyPAvKQ&co=aHR0cHM6Ly93d3cuZ2Vja29hbmRmbHkuY29tOjQ0Mw..&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&badge=inline&cb=hieybsg8k36
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.geckoandfly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.geckoandfly.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 05 May 2021 02:53:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-maF7OoQENFE6QyZ6hBC1HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10142
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0351 59 KB
20 KB 505ms
505ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8854765944&adk=2959679708&adf=1803752272&pi=t.ma~as.8854765944&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214193&bpp=6&bdt=183&idt=166&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mVeLGywUOu&p=https%3A//www.geckoandfly.com&dtd=170

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8babd1abdc7caa660fddf3ab60bca0fa1439dea25b86c12f68576b93dec328e

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMa92-fEsfACFT_XuwgdFeMCRw&gqi=rgiSYPTcFpXc7_UP2_-Q0AM&layout=/sadbundle/%24csp%253Der3%24/11085281760806699008/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8854765944&adk=2959679708&adf=1803752272&pi=t.ma~as.8854765944&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214193&bpp=6&bdt=183&idt=166&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mVeLGywUOu&p=https%3A//www.geckoandfly.com&dtd=170
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.geckoandfly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.geckoandfly.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMa92-fEsfACFT_XuwgdFeMCRw&gqi=rgiSYPTcFpXc7_UP2_-Q0AM&layout=/sadbundle/%24csp%253Der3%24/11085281760806699008/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 05 May 2021 02:53:34 GMT
server: cafe
content-length: 20444
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-May-2021 03:08:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 05 May 2021 02:53:34 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F344 59 KB
20 KB 456ms
456ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8761042340&adk=3902064357&adf=2098949634&pi=t.ma~as.8761042340&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214200&bpp=6&bdt=190&idt=168&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200%2C336x280&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=nCiRTCJzea&p=https%3A//www.geckoandfly.com&dtd=172

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87017c6a000a94707907f6e93a0912e5b7ca4325a48bb05ef9914779071ccd1c

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPSh3OfEsfACFQqK_QcdzLcIZQ&gqi=rgiSYIymF4mP7_UP6rOwmAI&layout=/sadbundle/%24csp%253Der3%24/11085281760806699008/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8761042340&adk=3902064357&adf=2098949634&pi=t.ma~as.8761042340&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214200&bpp=6&bdt=190&idt=168&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200%2C336x280&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=nCiRTCJzea&p=https%3A//www.geckoandfly.com&dtd=172
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.geckoandfly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.geckoandfly.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPSh3OfEsfACFQqK_QcdzLcIZQ&gqi=rgiSYIymF4mP7_UP6rOwmAI&layout=/sadbundle/%24csp%253Der3%24/11085281760806699008/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 05 May 2021 02:53:34 GMT
server: cafe
content-length: 20423
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-May-2021 03:08:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 05 May 2021 02:53:34 GMT
cache-control: private

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ Frame 3F38 51 KB
25 KB 16ms
13ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcoZ8YUAAAAAGKclqKwgKzdXIYjZiIk_SyPAvKQ&co=aHR0cHM6Ly93d3cuZ2Vja29hbmRmbHkuY29tOjQ0Mw..&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&badge=inline&cb=hieybsg8k36

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:55:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 04:03:12 GMT
server: sffe
age: 21476
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Wed, 04 May 2022 20:55:38 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ Frame 3F38 335 KB
335 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b9a7ec563b4bbcbe8812d7ea1f6464bb17769fb31df55c123e413a3a7e41705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:56:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 04:03:12 GMT
server: sffe
age: 25009
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342680
x-xss-protection: 0
expires: Wed, 04 May 2022 19:56:45 GMT

GET
H3-29 200 W2xNIJZa3rU__xOhJSE22-BlHC3zQORVvVWr7ErpxMA.js Show response
www.google.com/js/bg/ Frame 3F38 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/W2xNIJZa3rU__xOhJSE22-BlHC3zQORVvVWr7ErpxMA.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b6c4d20965adeb53fff13a1252136dbe0651c2df340e455bd55abec4ae9c4c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcoZ8YUAAAAAGKclqKwgKzdXIYjZiIk_SyPAvKQ&co=aHR0cHM6Ly93d3cuZ2Vja29hbmRmbHkuY29tOjQ0Mw..&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&badge=inline&cb=hieybsg8k36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 18:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 16:00:00 GMT
server: sffe
age: 31150
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5734
x-xss-protection: 0
expires: Wed, 04 May 2022 18:14:24 GMT

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3F38 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 543663
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Wed, 05 May 2021 19:52:31 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3F38 15 KB
15 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:46:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 18454
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Wed, 04 May 2022 21:46:00 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3F38 15 KB
15 KB 20ms
18ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 22:46:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 446814
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
expires: Fri, 29 Apr 2022 22:46:40 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3F38 102 B
132 B 27ms
27ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3c794ed9998df8cdf623077dcf9df6523be8080fb2bfd82a61d5ab391ee58c02

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcoZ8YUAAAAAGKclqKwgKzdXIYjZiIk_SyPAvKQ&co=aHR0cHM6Ly93d3cuZ2Vja29hbmRmbHkuY29tOjQ0Mw..&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&badge=inline&cb=hieybsg8k36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H3-29 200 82c44077a7667644c724f9fdaa0fb536.js Show response
www.gstatic.com/mysidia/ Frame B1DB 6 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/82c44077a7667644c724f9fdaa0fb536.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=1200&slotname=5202255149&adk=2229249676&adf=778943601&pi=t.ma~as.5202255149&w=336&lmt=1620174270&rafmt=12&psa=0&format=336x1200&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214177&bpp=4&bdt=167&idt=155&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GCQr5DRu6P&p=https%3A//www.geckoandfly.com&dtd=161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b5f10e2f329f107d7a48b4d4dd02da5da66b94efc9a8eea906ded9eeec13cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 08:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 06:34:15 GMT
server: sffe
age: 586021
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2703
x-xss-protection: 0
expires: Tue, 27 Jul 2021 08:06:33 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame B1DB 4 KB
618 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 May 2021 02:08:14 GMT
server: ESF
date: Wed, 05 May 2021 02:53:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame B1DB 1 KB
989 B 28ms
15ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 02:52:57 GMT

GET
H3-29 200 7ee66046b601b7cc45ef092fcbd74ee4.js Show response
www.gstatic.com/mysidia/ Frame B1DB 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7ee66046b601b7cc45ef092fcbd74ee4.js?tag=exit_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27c9bcb3029c4b7dbe35036a053941ac36f3d548820b3c0acbaa2ded073c001d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 05:47:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 22:51:13 GMT
server: sffe
age: 162350
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7365
x-xss-protection: 0
expires: Sun, 01 Aug 2021 05:47:44 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame B1DB 17 KB
7 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 00:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 16788430792231894627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 00:13:51 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame B1DB 2 KB
2 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1007
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 02:36:47 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B1DB 116 KB
35 KB 29ms
16ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame B1DB 13 KB
6 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 02:37:43 GMT

GET
H2 200 2812125647371390652
tpc.googlesyndication.com/icore_images/ Frame B1DB 16 KB
16 KB 15ms
12ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/2812125647371390652

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563d429038438debcec9dd545a21eb41434fa7fe8f284820224958dbb11271c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 08:19:16 GMT
x-content-type-options: nosniff
last-modified: Fri, 10 May 2019 02:34:43 GMT
server: sffe
age: 239658
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16182
x-xss-protection: 0
expires: Mon, 02 May 2022 08:19:16 GMT

GET
H2 200 2027987255125501249
tpc.googlesyndication.com/icore_images/ Frame B1DB 7 KB
7 KB 17ms
14ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/2027987255125501249

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcdd2e0bb3392da43f43d2bb971435a631d29ef02eb2d732846d485eeb0bb292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:23:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 19 May 2019 10:13:56 GMT
server: sffe
age: 476994
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6665
x-xss-protection: 0
expires: Fri, 29 Apr 2022 14:23:40 GMT

GET
H2 200 11842109072887897380
tpc.googlesyndication.com/icore_images/ Frame B1DB 11 KB
11 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/11842109072887897380

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e54a1fa30c2a624adbb5a601104d2fa568b5f52e1e28e5648b6856696333d6f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 14:24:41 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Mar 2021 15:49:11 GMT
server: sffe
age: 217733
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11659
x-xss-protection: 0
expires: Mon, 02 May 2022 14:24:41 GMT

GET
H2 200 4692214494179613196
tpc.googlesyndication.com/icore_images/ Frame B1DB 11 KB
11 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/4692214494179613196

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77901b157d6710803174fe1d1586a7cfbc0474a890a865ae478caf93038d52a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 13:35:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 May 2019 14:06:10 GMT
server: sffe
age: 566281
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10911
x-xss-protection: 0
expires: Thu, 28 Apr 2022 13:35:33 GMT

GET
H2 200 1328588159524143797
tpc.googlesyndication.com/icore_images/ Frame B1DB 12 KB
12 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/1328588159524143797

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae8dd2d663d4b3ae35ddbbac628bead3fc1348a6328daf7ee2907d062b426133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 14:54:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 May 2019 16:39:33 GMT
server: sffe
age: 215930
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12633
x-xss-protection: 0
expires: Mon, 02 May 2022 14:54:44 GMT

GET
H2 200 11968946835546331179
tpc.googlesyndication.com/icore_images/ Frame B1DB 9 KB
9 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/11968946835546331179

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

590f9c247dd6d233a4f89ce87ef8300179f73b6348c579c8578b64d46c66e102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 02:10:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Jan 2021 23:19:56 GMT
server: sffe
age: 88959
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9242
x-xss-protection: 0
expires: Wed, 04 May 2022 02:10:55 GMT

GET
H2 200 10034116320246911808
tpc.googlesyndication.com/icore_images/ Frame B1DB 13 KB
13 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/10034116320246911808

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

599c14f2f44d17443071e5272e672d1408df3bf2252cd0c126df2bf4c4435ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 14:24:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 14 Mar 2021 15:38:45 GMT
server: sffe
age: 217733
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13381
x-xss-protection: 0
expires: Mon, 02 May 2022 14:24:41 GMT

GET
H2 200 4936209378670547724
tpc.googlesyndication.com/icore_images/ Frame B1DB 11 KB
11 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/4936209378670547724

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b03a18cef1738e5947b2418729b7d25d40f4cffbe7ff2722eaf114a1c4feb64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:23:35 GMT
x-content-type-options: nosniff
last-modified: Sat, 20 Mar 2021 16:16:10 GMT
server: sffe
age: 26999
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11517
x-xss-protection: 0
expires: Wed, 04 May 2022 19:23:35 GMT

GET
H2 200 17832877105507044656
tpc.googlesyndication.com/icore_images/ Frame B1DB 13 KB
13 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/17832877105507044656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

123c7188982f9563916106ea050de072aefb0507a76b87a705a2c8e8c254870c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 15:36:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Apr 2021 15:20:24 GMT
server: sffe
age: 40603
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12964
x-xss-protection: 0
expires: Wed, 04 May 2022 15:36:51 GMT

GET
H2 200 2037786814653844127
tpc.googlesyndication.com/icore_images/ Frame B1DB 9 KB
9 KB 19ms
18ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/2037786814653844127

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22d9322bf7fd7d5eb21f346b38cb4b0fc19bbb109f09a28e5b36df904f704c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 15:35:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Aug 2020 17:07:33 GMT
server: sffe
age: 40684
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9558
x-xss-protection: 0
expires: Wed, 04 May 2022 15:35:30 GMT

GET
H2 200 671091456102426374
tpc.googlesyndication.com/icore_images/ Frame B1DB 9 KB
9 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/671091456102426374

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28bb7dbc3b0a865cb9affc6891ed9ea7952112e36aab452f0098c84a33c17daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 01:20:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 17:10:29 GMT
server: sffe
age: 264773
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9182
x-xss-protection: 0
expires: Mon, 02 May 2022 01:20:41 GMT

GET
H2 200 517229348176464413
tpc.googlesyndication.com/icore_images/ Frame B1DB 8 KB
8 KB 18ms
18ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/517229348176464413

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b60d8d410a890078b4d158dcf59824a95b4acc8707c5316b0b6fe3fa0687aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 12:47:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Mar 2021 18:43:22 GMT
server: sffe
age: 137192
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8584
x-xss-protection: 0
expires: Tue, 03 May 2022 12:47:02 GMT

GET
H2 200 6517219904987619044
tpc.googlesyndication.com/icore_images/ Frame B1DB 10 KB
10 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/6517219904987619044

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a8c4b61f77a0f0890e14b6a8210e831cfe82473f5704227e9ceff0421a3b823

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 15:35:30 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Apr 2021 14:18:31 GMT
server: sffe
age: 40684
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9893
x-xss-protection: 0
expires: Wed, 04 May 2022 15:35:30 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B1DB 0
0 19ms
18ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7vR4rgiSYJLtFZ7d7_UPy4C92AKl1Z2xBY3cwrqfAqaerY1rEAEg9e2SAigNYJUCyAEBqAMByAPBBKoEjQJP0P0xUGywpiVuHW68hNLXCTsVoqbUXIARwq8DlyNoeG5OYNxfH5ji6lXbC5wgxc2S3GaW4GutvfMnCOp9D-sjC0GT0cgCE_HdS9ir-6EnunnCXGwzC3awB5JbARCld7LvchS6mEpr35vDttCh0-WWqjUzFlXBt1buc6deQEcKR0YyBiLd12pM3UBaZq-gxA-LKWAQ8mcauPjWYxixNAHtnt_LO2Mke5hbzXj5mIVCrth8kDl6nscSLdwvW-NWaxRmqgZjnGY0MRlAgsUmSIY95PvW_YHXlvKoY78ei3xEoB8s2Lvmmubxo0-mx7i8J5s7y1CVsBYCVMhBLNT-vksF59QvMEH6qUUiTTVqYcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTg3MjkxOTUwNTg4NTkyMzY&sigh=ShQSQRjxH5w

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=1200&slotname=5202255149&adk=2229249676&adf=778943601&pi=t.ma~as.5202255149&w=336&lmt=1620174270&rafmt=12&psa=0&format=336x1200&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214177&bpp=4&bdt=167&idt=155&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GCQr5DRu6P&p=https%3A//www.geckoandfly.com&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 05 May 2021 02:53:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B1DB 0
0 21ms
16ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnF6yrgiSYJLtFZ7d7_UPy4C92AKl1Z2xBY3cwrqfAqaerY1rEAIg9e2SAigNYJUCyAEBqAMByAPBBKoEjQJP0P0xU2ywpiVuHW68hNLXCTsVoqbUXIARwq8DlyNoeG5OYNxfH5ji6lXbC5wgxc2S3GaW4GutvfMnCOp9D-sjC0GT0cgCE_HdS9ir-6EnunnCXGwzC3awB5JbARCld7LvchS6mEpr35vDttCh0-WWqjUzFlXBt1buc6deQEcKR0YyBiLd12pM3UBaZq-gxA-LKWAQ8mcauPjWYxixNAHtnt_LO2Mke5hbzXj5mIVCrth8kDl6nscSLdwvW-NWaxRmqgZjnGY0MRlAgsUmSIY95PvW_YHXlvKoY78ei3xEoB8s2Lvmmubxo0-mx7i8J5s7y1CVsBYCVMhBLNT-vksF59QvMEH6qUUiTTVqYcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTg3MjkxOTUwNTg4NTkyMzY&sigh=Y4RnOJUI8Nc

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=1200&slotname=5202255149&adk=2229249676&adf=778943601&pi=t.ma~as.5202255149&w=336&lmt=1620174270&rafmt=12&psa=0&format=336x1200&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214177&bpp=4&bdt=167&idt=155&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GCQr5DRu6P&p=https%3A//www.geckoandfly.com&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 05 May 2021 02:53:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B1DB 0
0 23ms
16ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWOb6rgiSYJLtFZ7d7_UPy4C92AKl1Z2xBY3cwrqfAqaerY1rEAMg9e2SAigNYJUCyAEBqAMByAPBBKoEjQJP0P0xUmywpiVuHW68hNLXCTsVoqbUXIARwq8DlyNoeG5OYNxfH5ji6lXbC5wgxc2S3GaW4GutvfMnCOp9D-sjC0GT0cgCE_HdS9ir-6EnunnCXGwzC3awB5JbARCld7LvchS6mEpr35vDttCh0-WWqjUzFlXBt1buc6deQEcKR0YyBiLd12pM3UBaZq-gxA-LKWAQ8mcauPjWYxixNAHtnt_LO2Mke5hbzXj5mIVCrth8kDl6nscSLdwvW-NWaxRmqgZjnGY0MRlAgsUmSIY95PvW_YHXlvKoY78ei3xEoB8s2Lvmmubxo0-mx7i8J5s7y1CVsBYCVMhBLNT-vksF59QvMEH6qUUiTTVqYcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTg3MjkxOTUwNTg4NTkyMzY&sigh=_VbSXyZVCjY

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=1200&slotname=5202255149&adk=2229249676&adf=778943601&pi=t.ma~as.5202255149&w=336&lmt=1620174270&rafmt=12&psa=0&format=336x1200&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214177&bpp=4&bdt=167&idt=155&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GCQr5DRu6P&p=https%3A//www.geckoandfly.com&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 05 May 2021 02:53:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B1DB 0
0 23ms
17ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHuKyrgiSYJLtFZ7d7_UPy4C92AKl1Z2xBY3cwrqfAqaerY1rEAQg9e2SAigNYJUCyAEBqAMByAPBBKoEjQJP0P0xVWywpiVuHW68hNLXCTsVoqbUXIARwq8DlyNoeG5OYNxfH5ji6lXbC5wgxc2S3GaW4GutvfMnCOp9D-sjC0GT0cgCE_HdS9ir-6EnunnCXGwzC3awB5JbARCld7LvchS6mEpr35vDttCh0-WWqjUzFlXBt1buc6deQEcKR0YyBiLd12pM3UBaZq-gxA-LKWAQ8mcauPjWYxixNAHtnt_LO2Mke5hbzXj5mIVCrth8kDl6nscSLdwvW-NWaxRmqgZjnGY0MRlAgsUmSIY95PvW_YHXlvKoY78ei3xEoB8s2Lvmmubxo0-mx7i8J5s7y1CVsBYCVMhBLNT-vksF59QvMEH6qUUiTTVqYcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTg3MjkxOTUwNTg4NTkyMzY&sigh=7_z76b4V1P0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=1200&slotname=5202255149&adk=2229249676&adf=778943601&pi=t.ma~as.5202255149&w=336&lmt=1620174270&rafmt=12&psa=0&format=336x1200&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214177&bpp=4&bdt=167&idt=155&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GCQr5DRu6P&p=https%3A//www.geckoandfly.com&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 05 May 2021 02:53:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B1DB 0
0 23ms
17ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cv07ArgiSYJLtFZ7d7_UPy4C92AKl1Z2xBY3cwrqfAqaerY1rEAUg9e2SAigNYJUCyAEBqAMByAPBBKoEjQJP0P0xVGywpiVuHW68hNLXCTsVoqbUXIARwq8DlyNoeG5OYNxfH5ji6lXbC5wgxc2S3GaW4GutvfMnCOp9D-sjC0GT0cgCE_HdS9ir-6EnunnCXGwzC3awB5JbARCld7LvchS6mEpr35vDttCh0-WWqjUzFlXBt1buc6deQEcKR0YyBiLd12pM3UBaZq-gxA-LKWAQ8mcauPjWYxixNAHtnt_LO2Mke5hbzXj5mIVCrth8kDl6nscSLdwvW-NWaxRmqgZjnGY0MRlAgsUmSIY95PvW_YHXlvKoY78ei3xEoB8s2Lvmmubxo0-mx7i8J5s7y1CVsBYCVMhBLNT-vksF59QvMEH6qUUiTTVqYcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTg3MjkxOTUwNTg4NTkyMzY&sigh=LCIW_zVVhCM

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=1200&slotname=5202255149&adk=2229249676&adf=778943601&pi=t.ma~as.5202255149&w=336&lmt=1620174270&rafmt=12&psa=0&format=336x1200&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214177&bpp=4&bdt=167&idt=155&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GCQr5DRu6P&p=https%3A//www.geckoandfly.com&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 05 May 2021 02:53:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B1DB 0
0 25ms
18ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPvfnrgiSYJLtFZ7d7_UPy4C92AKl1Z2xBY3cwrqfAqaerY1rEAYg9e2SAigNYJUCyAEBqAMByAPBBKoEjQJP0P0xV2ywpiVuHW68hNLXCTsVoqbUXIARwq8DlyNoeG5OYNxfH5ji6lXbC5wgxc2S3GaW4GutvfMnCOp9D-sjC0GT0cgCE_HdS9ir-6EnunnCXGwzC3awB5JbARCld7LvchS6mEpr35vDttCh0-WWqjUzFlXBt1buc6deQEcKR0YyBiLd12pM3UBaZq-gxA-LKWAQ8mcauPjWYxixNAHtnt_LO2Mke5hbzXj5mIVCrth8kDl6nscSLdwvW-NWaxRmqgZjnGY0MRlAgsUmSIY95PvW_YHXlvKoY78ei3xEoB8s2Lvmmubxo0-mx7i8J5s7y1CVsBYCVMhBLNT-vksF59QvMEH6qUUiTTVqYcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTg3MjkxOTUwNTg4NTkyMzY&sigh=uFvAc6g2z5A

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=1200&slotname=5202255149&adk=2229249676&adf=778943601&pi=t.ma~as.5202255149&w=336&lmt=1620174270&rafmt=12&psa=0&format=336x1200&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214177&bpp=4&bdt=167&idt=155&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GCQr5DRu6P&p=https%3A//www.geckoandfly.com&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 05 May 2021 02:53:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B1DB 0
0 25ms
19ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C86TJrgiSYJLtFZ7d7_UPy4C92AKl1Z2xBY3cwrqfAqaerY1rEAcg9e2SAigNYJUCyAEBqAMByAPBBKoEjQJP0P0xVmywpiVuHW68hNLXCTsVoqbUXIARwq8DlyNoeG5OYNxfH5ji6lXbC5wgxc2S3GaW4GutvfMnCOp9D-sjC0GT0cgCE_HdS9ir-6EnunnCXGwzC3awB5JbARCld7LvchS6mEpr35vDttCh0-WWqjUzFlXBt1buc6deQEcKR0YyBiLd12pM3UBaZq-gxA-LKWAQ8mcauPjWYxixNAHtnt_LO2Mke5hbzXj5mIVCrth8kDl6nscSLdwvW-NWaxRmqgZjnGY0MRlAgsUmSIY95PvW_YHXlvKoY78ei3xEoB8s2Lvmmubxo0-mx7i8J5s7y1CVsBYCVMhBLNT-vksF59QvMEH6qUUiTTVqYcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTg3MjkxOTUwNTg4NTkyMzY&sigh=-ZOhKk20kgc

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=1200&slotname=5202255149&adk=2229249676&adf=778943601&pi=t.ma~as.5202255149&w=336&lmt=1620174270&rafmt=12&psa=0&format=336x1200&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214177&bpp=4&bdt=167&idt=155&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GCQr5DRu6P&p=https%3A//www.geckoandfly.com&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 05 May 2021 02:53:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B1DB 0
0 23ms
18ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpPUgrgiSYJLtFZ7d7_UPy4C92AKl1Z2xBY3cwrqfAqaerY1rEAgg9e2SAigNYJUCyAEBqAMByAPBBKoEjQJP0P0xWWywpiVuHW68hNLXCTsVoqbUXIARwq8DlyNoeG5OYNxfH5ji6lXbC5wgxc2S3GaW4GutvfMnCOp9D-sjC0GT0cgCE_HdS9ir-6EnunnCXGwzC3awB5JbARCld7LvchS6mEpr35vDttCh0-WWqjUzFlXBt1buc6deQEcKR0YyBiLd12pM3UBaZq-gxA-LKWAQ8mcauPjWYxixNAHtnt_LO2Mke5hbzXj5mIVCrth8kDl6nscSLdwvW-NWaxRmqgZjnGY0MRlAgsUmSIY95PvW_YHXlvKoY78ei3xEoB8s2Lvmmubxo0-mx7i8J5s7y1CVsBYCVMhBLNT-vksF59QvMEH6qUUiTTVqYcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTg3MjkxOTUwNTg4NTkyMzY&sigh=urtvw3S8uJM

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=1200&slotname=5202255149&adk=2229249676&adf=778943601&pi=t.ma~as.5202255149&w=336&lmt=1620174270&rafmt=12&psa=0&format=336x1200&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214177&bpp=4&bdt=167&idt=155&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GCQr5DRu6P&p=https%3A//www.geckoandfly.com&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 05 May 2021 02:53:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B1DB 0
0 24ms
19ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ch2uJrgiSYJLtFZ7d7_UPy4C92AKl1Z2xBY3cwrqfAqaerY1rEAkg9e2SAigNYJUCyAEBqAMByAPBBKoEjQJP0P0xWGywpiVuHW68hNLXCTsVoqbUXIARwq8DlyNoeG5OYNxfH5ji6lXbC5wgxc2S3GaW4GutvfMnCOp9D-sjC0GT0cgCE_HdS9ir-6EnunnCXGwzC3awB5JbARCld7LvchS6mEpr35vDttCh0-WWqjUzFlXBt1buc6deQEcKR0YyBiLd12pM3UBaZq-gxA-LKWAQ8mcauPjWYxixNAHtnt_LO2Mke5hbzXj5mIVCrth8kDl6nscSLdwvW-NWaxRmqgZjnGY0MRlAgsUmSIY95PvW_YHXlvKoY78ei3xEoB8s2Lvmmubxo0-mx7i8J5s7y1CVsBYCVMhBLNT-vksF59QvMEH6qUUiTTVqYcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTg3MjkxOTUwNTg4NTkyMzY&sigh=HPUwogGJkcU

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=1200&slotname=5202255149&adk=2229249676&adf=778943601&pi=t.ma~as.5202255149&w=336&lmt=1620174270&rafmt=12&psa=0&format=336x1200&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214177&bpp=4&bdt=167&idt=155&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GCQr5DRu6P&p=https%3A//www.geckoandfly.com&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 05 May 2021 02:53:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B1DB 0
0 22ms
17ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CejKnrgiSYJLtFZ7d7_UPy4C92AKl1Z2xBY3cwrqfAqaerY1rEAog9e2SAigNYJUCyAEBqAMByAPBBKoEjQJP0P0xW2ywpiVuHW68hNLXCTsVoqbUXIARwq8DlyNoeG5OYNxfH5ji6lXbC5wgxc2S3GaW4GutvfMnCOp9D-sjC0GT0cgCE_HdS9ir-6EnunnCXGwzC3awB5JbARCld7LvchS6mEpr35vDttCh0-WWqjUzFlXBt1buc6deQEcKR0YyBiLd12pM3UBaZq-gxA-LKWAQ8mcauPjWYxixNAHtnt_LO2Mke5hbzXj5mIVCrth8kDl6nscSLdwvW-NWaxRmqgZjnGY0MRlAgsUmSIY95PvW_YHXlvKoY78ei3xEoB8s2Lvmmubxo0-mx7i8J5s7y1CVsBYCVMhBLNT-vksF59QvMEH6qUUiTTVqYcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTg3MjkxOTUwNTg4NTkyMzY&sigh=pgaDrotAld4

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=1200&slotname=5202255149&adk=2229249676&adf=778943601&pi=t.ma~as.5202255149&w=336&lmt=1620174270&rafmt=12&psa=0&format=336x1200&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214177&bpp=4&bdt=167&idt=155&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GCQr5DRu6P&p=https%3A//www.geckoandfly.com&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 05 May 2021 02:53:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B1DB 0
0 24ms
19ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNS2JrgiSYJLtFZ7d7_UPy4C92AKl1Z2xBY3cwrqfAqaerY1rEAsg9e2SAigNYJUCyAEBqAMByAPBBKoEjQJP0P0xWmywpiVuHW68hNLXCTsVoqbUXIARwq8DlyNoeG5OYNxfH5ji6lXbC5wgxc2S3GaW4GutvfMnCOp9D-sjC0GT0cgCE_HdS9ir-6EnunnCXGwzC3awB5JbARCld7LvchS6mEpr35vDttCh0-WWqjUzFlXBt1buc6deQEcKR0YyBiLd12pM3UBaZq-gxA-LKWAQ8mcauPjWYxixNAHtnt_LO2Mke5hbzXj5mIVCrth8kDl6nscSLdwvW-NWaxRmqgZjnGY0MRlAgsUmSIY95PvW_YHXlvKoY78ei3xEoB8s2Lvmmubxo0-mx7i8J5s7y1CVsBYCVMhBLNT-vksF59QvMEH6qUUiTTVqYcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTg3MjkxOTUwNTg4NTkyMzY&sigh=gIqwrJQYeOA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=1200&slotname=5202255149&adk=2229249676&adf=778943601&pi=t.ma~as.5202255149&w=336&lmt=1620174270&rafmt=12&psa=0&format=336x1200&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214177&bpp=4&bdt=167&idt=155&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GCQr5DRu6P&p=https%3A//www.geckoandfly.com&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 05 May 2021 02:53:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B1DB 0
0 28ms
23ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cpfd2rgiSYJLtFZ7d7_UPy4C92AKl1Z2xBY3cwrqfAqaerY1rEAwg9e2SAigNYJUCyAEBqAMByAPBBKoEjQJP0P0xXWywpiVuHW68hNLXCTsVoqbUXIARwq8DlyNoeG5OYNxfH5ji6lXbC5wgxc2S3GaW4GutvfMnCOp9D-sjC0GT0cgCE_HdS9ir-6EnunnCXGwzC3awB5JbARCld7LvchS6mEpr35vDttCh0-WWqjUzFlXBt1buc6deQEcKR0YyBiLd12pM3UBaZq-gxA-LKWAQ8mcauPjWYxixNAHtnt_LO2Mke5hbzXj5mIVCrth8kDl6nscSLdwvW-NWaxRmqgZjnGY0MRlAgsUmSIY95PvW_YHXlvKoY78ei3xEoB8s2Lvmmubxo0-mx7i8J5s7y1CVsBYCVMhBLNT-vksF59QvMEH6qUUiTTVqYcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTg3MjkxOTUwNTg4NTkyMzY&sigh=foHlrJBP5x4

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=1200&slotname=5202255149&adk=2229249676&adf=778943601&pi=t.ma~as.5202255149&w=336&lmt=1620174270&rafmt=12&psa=0&format=336x1200&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214177&bpp=4&bdt=167&idt=155&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GCQr5DRu6P&p=https%3A//www.geckoandfly.com&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 05 May 2021 02:53:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B1DB 0
0 24ms
19ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CI9p8rgiSYJLtFZ7d7_UPy4C92AKl1Z2xBY3cwrqfAqaerY1rEA0g9e2SAigNYJUCyAEBqAMByAPBBKoEjQJP0P0xXGywpiVuHW68hNLXCTsVoqbUXIARwq8DlyNoeG5OYNxfH5ji6lXbC5wgxc2S3GaW4GutvfMnCOp9D-sjC0GT0cgCE_HdS9ir-6EnunnCXGwzC3awB5JbARCld7LvchS6mEpr35vDttCh0-WWqjUzFlXBt1buc6deQEcKR0YyBiLd12pM3UBaZq-gxA-LKWAQ8mcauPjWYxixNAHtnt_LO2Mke5hbzXj5mIVCrth8kDl6nscSLdwvW-NWaxRmqgZjnGY0MRlAgsUmSIY95PvW_YHXlvKoY78ei3xEoB8s2Lvmmubxo0-mx7i8J5s7y1CVsBYCVMhBLNT-vksF59QvMEH6qUUiTTVqYcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTg3MjkxOTUwNTg4NTkyMzY&sigh=aTGh73vSC1w

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=1200&slotname=5202255149&adk=2229249676&adf=778943601&pi=t.ma~as.5202255149&w=336&lmt=1620174270&rafmt=12&psa=0&format=336x1200&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214177&bpp=4&bdt=167&idt=155&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GCQr5DRu6P&p=https%3A//www.geckoandfly.com&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 05 May 2021 02:53:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:34 GMT

GET
DATA 200
OK truncated
/ Frame B1DB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98fb931163c6d465c2eeb94b1c7f0b8be14ca670f77744e45ed2d72e67ba8ec9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B1DB 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 472685
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:35:29 GMT

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame A12D 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:59:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 17668
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 21:59:06 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame F344 2 KB
1 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8761042340&adk=3902064357&adf=2098949634&pi=t.ma~as.8761042340&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214200&bpp=6&bdt=190&idt=168&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200%2C336x280&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=nCiRTCJzea&p=https%3A//www.geckoandfly.com&dtd=172

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1007
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 02:36:47 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F344 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame F344 13 KB
5 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 02:37:43 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/ Frame 6B52 256 KB
38 KB 14ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3627f631896617d75d5f68abcc1f4a1d1d18d644299a4f871621cb527d3946d1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/11085281760806699008/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 30 Apr 2021 20:22:30 GMT
expires: Sat, 30 Apr 2022 20:22:30 GMT
last-modified: Fri, 16 Apr 2021 11:52:04 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 39009
age: 369064
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame F344 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrZPqrgiSYPSSGIqU9u8PzO-iqAaOi92qYq3IjonCDbTHsq-WDhABIPXtkgJglQKgAdTQ0JcDyAEJqQJygXyzDCi0PqgDAcgDAqoEtwJP0NKjN78O8t0h7Gb97iu7Y1z5-kTJIrzFVZfHWHWZkioihOlBxhWDt5wK-jxqcxbsfTSa0YfXlGMG76-CamXzBsfdmYaT_YHp-UgF05dZoSx3l4HB9cjJ-z4ZtvxT2XGhXXNesbmqrNXNi25IClFFnQgOM0KAIIm8OtxeuiHJhp0aRCXwjvFjn5uUwmm29IS7McSKLQpjyHZzOszGIsc9Pidzk0UUkJ9ae7F-JzTOcR7fiOMDugQyRE_gb9vniHOkEhFRPn12QeOsO-nw9-KLjpoQmCpDm_CI7sqbc5a0rcyYQbVMx8DZFM5S3bn5ak9xJjcVwHobdkuqcvRO51E1lcfVVJ6b96d8UMMMRVz9NxtWf-ZK6kTlOerH36HKlhxbxS9mfLgeZNjcdFecuEc3j_ZFOMtOgsAEpYy32bwDkgUECAQYAZIFBAgFGASgBl2AB8v_3GyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQv_8s0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTg3MjkxOTUwNTg4NTkyMzY&sigh=B9Q6yRD1NgU

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8761042340&adk=3902064357&adf=2098949634&pi=t.ma~as.8761042340&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214200&bpp=6&bdt=190&idt=168&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200%2C336x280&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=nCiRTCJzea&p=https%3A//www.geckoandfly.com&dtd=172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 05 May 2021 02:53:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 17AF 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8761042340&adk=3902064357&adf=2098949634&pi=t.ma~as.8761042340&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214200&bpp=6&bdt=190&idt=168&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200%2C336x280&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=nCiRTCJzea&p=https%3A//www.geckoandfly.com&dtd=172
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmpHZD7wAu-2Hldkw8QlKNkDYuiaLXO9eFSifGBb2PXHEVtMhRZN-gm99JL3-4; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8761042340&adk=3902064357&adf=2098949634&pi=t.ma~as.8761042340&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214200&bpp=6&bdt=190&idt=168&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200%2C336x280&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=nCiRTCJzea&p=https%3A//www.geckoandfly.com&dtd=172

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 05 May 2021 01:56:55 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3399
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 17AF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmpHZD7wAu-2Hldkw8QlKNkDYuiaLXO9eFSifGBb2PXHEVtMhRZN-gm99JL3-4; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 05 May 2021 02:53:34 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 05-May-2021 03:53:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 05 May 2021 02:53:34 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 05 May 2021 02:53:34 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F344 205 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 947919bbd6351f3737749e762f1148458d258c1e10c81eeafbc5f9b1f33b706e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 0351 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8854765944&adk=2959679708&adf=1803752272&pi=t.ma~as.8854765944&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214193&bpp=6&bdt=183&idt=166&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mVeLGywUOu&p=https%3A//www.geckoandfly.com&dtd=170

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1007
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 02:36:47 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0351 116 KB
35 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8854765944&adk=2959679708&adf=1803752272&pi=t.ma~as.8854765944&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214193&bpp=6&bdt=183&idt=166&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mVeLGywUOu&p=https%3A//www.geckoandfly.com&dtd=170

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 0351 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8854765944&adk=2959679708&adf=1803752272&pi=t.ma~as.8854765944&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214193&bpp=6&bdt=183&idt=166&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mVeLGywUOu&p=https%3A//www.geckoandfly.com&dtd=170

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 May 2021 02:37:43 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/ Frame E7CC 256 KB
38 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8854765944&adk=2959679708&adf=1803752272&pi=t.ma~as.8854765944&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214193&bpp=6&bdt=183&idt=166&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mVeLGywUOu&p=https%3A//www.geckoandfly.com&dtd=170

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3627f631896617d75d5f68abcc1f4a1d1d18d644299a4f871621cb527d3946d1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/11085281760806699008/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 30 Apr 2021 20:22:30 GMT
expires: Sat, 30 Apr 2022 20:22:30 GMT
last-modified: Fri, 16 Apr 2021 11:52:04 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 39009
age: 369064
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0351 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAc7drgiSYMauF7-u7_UPlcaLuASOi92qYq3IjonCDbTHsq-WDhABIPXtkgJglQKgAdTQ0JcDyAEJqQLVPpdsqyi0PqgDAcgDAqoEvQJP0OR6B7nQ8-0b1jUFLPmLi5FPgsEcsTs9s5CqM8WE0kX83N6J3-Ix9_st2ltYscq2JR9gnSJJ3fYvnR5Im81KExPFlMd61cHvRmJMfXYm4Irsu6f-dnoiXqYFsf00GlPy3ON4PG94O_ZB_MvEX_l-S1CGHFY5766gUwkf91zz2H1QIXsF_RI4KNJfJpRuS11sOXKw6KlZuUrwV6K9A23IBHGRGLTHQTJd7_1oLzWILSKk8Yd8-W0zMAR2eWS4wjHGILFK_LIrb7f2dH_m2WRX7fllgRBxQ8KboJFHVeca1GbkZTtHmKTEokC8m-lb60QqCxyfTaddo6CL0M3PYExHk52opAeZSMX0Yw77H3WCY0X7GixmlCJwNMpvVRctjUbDAx9JND4OyvzoxigEs0npT90dgRbkd_F6M68uDMAEpYy32bwDkgUECAQYAZIFBAgFGASgBl2AB8v_3GyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQz-Ex0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTg3MjkxOTUwNTg4NTkyMzY&sigh=QluesFrbjL8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8854765944&adk=2959679708&adf=1803752272&pi=t.ma~as.8854765944&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214193&bpp=6&bdt=183&idt=166&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mVeLGywUOu&p=https%3A//www.geckoandfly.com&dtd=170

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8854765944&adk=2959679708&adf=1803752272&pi=t.ma~as.8854765944&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214193&bpp=6&bdt=183&idt=166&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mVeLGywUOu&p=https%3A//www.geckoandfly.com&dtd=170
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 05 May 2021 02:53:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 426A 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8854765944&adk=2959679708&adf=1803752272&pi=t.ma~as.8854765944&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214193&bpp=6&bdt=183&idt=166&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mVeLGywUOu&p=https%3A//www.geckoandfly.com&dtd=170

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8854765944&adk=2959679708&adf=1803752272&pi=t.ma~as.8854765944&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214193&bpp=6&bdt=183&idt=166&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mVeLGywUOu&p=https%3A//www.geckoandfly.com&dtd=170
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmpHZD7wAu-2Hldkw8QlKNkDYuiaLXO9eFSifGBb2PXHEVtMhRZN-gm99JL3-4; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8854765944&adk=2959679708&adf=1803752272&pi=t.ma~as.8854765944&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214193&bpp=6&bdt=183&idt=166&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mVeLGywUOu&p=https%3A//www.geckoandfly.com&dtd=170

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 05 May 2021 01:56:55 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3399
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 css
fonts.googleapis.com/ Frame 6B52 6 KB
641 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:800,700,regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0889a02b0e67cd9606c30b6d8e7da2b733f912b3e05e377b83921d658f86d9b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 May 2021 01:12:47 GMT
server: ESF
date: Wed, 05 May 2021 02:53:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 May 2021 02:53:34 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6B52 16 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 17:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35049
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 05 May 2021 17:09:25 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6B52 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 05 May 2021 23:11:01 GMT

GET
DATA 200
OK truncated
/ Frame 0351 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8b0bff7104c9898d74f4aec37e7cf584c0677d5498b92d3aa923bad9249e53d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v3/ Frame 6B52 36 KB
36 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:800,700,regular

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 03:28:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:48:53 GMT
server: sffe
age: 257125
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37056
x-xss-protection: 0
expires: Mon, 02 May 2022 03:28:09 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame E7CC 6 KB
641 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:800,700,regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0889a02b0e67cd9606c30b6d8e7da2b733f912b3e05e377b83921d658f86d9b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 May 2021 01:45:54 GMT
server: ESF
date: Wed, 05 May 2021 02:53:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 May 2021 02:53:35 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E7CC 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 17:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 05 May 2021 17:09:25 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E7CC 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 05 May 2021 23:11:01 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 426A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

20ms
19ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8729195058859236&output=html&h=280&slotname=8854765944&adk=2959679708&adf=1803752272&pi=t.ma~as.8854765944&w=336&fwrn=4&fwrnh=100&lmt=1620174270&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=336&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620183214193&bpp=6&bdt=183&idt=166&shv=r20210429&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x1200&nras=1&correlator=8287576180829&frm=20&pv=1&ga_vid=585191448.1620183214&ga_sid=1620183214&ga_hid=663102928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=568&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C31060031%2C31060975%2C44739537&oid=3&pvsid=1801787721426587&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mVeLGywUOu&p=https%3A//www.geckoandfly.com&dtd=170

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmpHZD7wAu-2Hldkw8QlKNkDYuiaLXO9eFSifGBb2PXHEVtMhRZN-gm99JL3-4; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 05 May 2021 02:53:35 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 05-May-2021 03:53:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 05 May 2021 02:53:35 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 05 May 2021 02:53:35 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Grover_Logo_White.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/ Frame 6B52 3 KB
1 KB 9ms
9ms Image
image/svg+xml 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/Grover_Logo_White.svg

Requested by

Host: www.geckoandfly.com
URL: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d9c13a65884d4aa13d4443ee5d3fea955f5568b31f76778cb89ee6899e77789

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 512229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1176
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 11:52:04 GMT
server: sffe
date: Thu, 29 Apr 2021 04:36:26 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 04:36:26 GMT

GET
H3-29 200 hp_logo-s.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/ Frame 6B52 5 KB
5 KB 8ms
8ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/hp_logo-s.png

Requested by

Host: www.geckoandfly.com
URL: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

904083575cc1db7b912834eab27643b1048d4511d550cf0e47aa0c98f6156506

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 250483
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4656
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 11:52:04 GMT
server: sffe
date: Sun, 02 May 2021 05:18:52 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 05:18:52 GMT

GET
H3-29 200 intel-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/ Frame 6B52 7 KB
7 KB 10ms
9ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/intel-logo.png

Requested by

Host: www.geckoandfly.com
URL: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

371d64aeda8211cf2b08e7c3633f6f1ed2ddc65abe5882f3c8c3f8ef60a578dc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 17377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7329
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 11:52:04 GMT
server: sffe
date: Tue, 04 May 2021 22:03:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 May 2022 22:03:58 GMT

GET
H3-29 200 20191106_02_GAMING_PAIR_A_1B_ORISA-FF_PLUS_2002-S.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/ Frame 6B52 79 KB
79 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/20191106_02_GAMING_PAIR_A_1B_ORISA-FF_PLUS_2002-S.jpg

Requested by

Host: www.geckoandfly.com
URL: https://www.geckoandfly.com/7052/online-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0555479da212f1b6c7737ea365873421c169fb902b4949fa2a35c21ed42448ad

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 100728
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81288
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 11:52:04 GMT
server: sffe
date: Mon, 03 May 2021 22:54:47 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 May 2022 22:54:47 GMT

GET
H3-29 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v3/ Frame E7CC 36 KB
36 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:800,700,regular

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 03:28:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:48:53 GMT
server: sffe
age: 257126
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37056
x-xss-protection: 0
expires: Mon, 02 May 2022 03:28:09 GMT

GET
H3-29 200 Grover_Logo_White.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/ Frame E7CC 3 KB
1 KB 6ms
6ms Image
image/svg+xml 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/Grover_Logo_White.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d9c13a65884d4aa13d4443ee5d3fea955f5568b31f76778cb89ee6899e77789

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 512229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1176
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 11:52:04 GMT
server: sffe
date: Thu, 29 Apr 2021 04:36:26 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 04:36:26 GMT

GET
H3-29 200 hp_logo-s.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/ Frame E7CC 5 KB
5 KB 7ms
6ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/hp_logo-s.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

904083575cc1db7b912834eab27643b1048d4511d550cf0e47aa0c98f6156506

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 250483
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4656
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 11:52:04 GMT
server: sffe
date: Sun, 02 May 2021 05:18:52 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 05:18:52 GMT

GET
H3-29 200 intel-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/ Frame E7CC 7 KB
7 KB 8ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/intel-logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

371d64aeda8211cf2b08e7c3633f6f1ed2ddc65abe5882f3c8c3f8ef60a578dc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 17377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7329
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 11:52:04 GMT
server: sffe
date: Tue, 04 May 2021 22:03:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 May 2022 22:03:58 GMT

GET
H3-29 200 20191106_02_GAMING_PAIR_A_1B_ORISA-FF_PLUS_2002-S.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/ Frame E7CC 79 KB
79 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/20191106_02_GAMING_PAIR_A_1B_ORISA-FF_PLUS_2002-S.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11085281760806699008/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0555479da212f1b6c7737ea365873421c169fb902b4949fa2a35c21ed42448ad

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 100728
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81288
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 11:52:04 GMT
server: sffe
date: Mon, 03 May 2021 22:54:47 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 May 2022 22:54:47 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 31ms
18ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210429&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80ab52b69d55dd3cb5fb44990dfa79806d4002c3de0e34a18de80ab62d64dc53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 02:53:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7662
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ovlp&adf=1803752272&client=ca-pub-8729195058859236&eid=21066429%2C31060031%2C31060975%2C44739537&et=3&fwrattr=true&io=0&saldr=aa&oa=0.00&qid=CMa92-fEsfACFT_XuwgdFeMCRw&rafmt=12&roa=0&slot=8854765944&sp=0%2C0&tgt=ins%2Faswift_2_expand.0&tr=568%2C362%2C904%2C642&url=https%3A%2F%2Fwww.geckoandfly.com%2F7052%2Fonline-computer-virus-scanner-upload-and-scan-suspicious-files-with-multi-antivirus-engine%2F&vp=1600x1200

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 02:53:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:53:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 05 May 2021 02:53:35 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1A6E 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.geckoandfly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.geckoandfly.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 04 May 2021 23:42:12 GMT
expires: Wed, 04 May 2022 23:42:12 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11483
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A6E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:59:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 17669
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 21:59:06 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210429&jk=1801787721426587&bg=!WFulWx_NAAYXzPaOF8w7ACkAdvg8WkKhhDicSw2Q5G7B1LkXp-rhrxYOVNehuxL9sbbesNfUPOVGAQIAAABtUgAAAAhoAQeZAj0IYJmV7Co13yYoOXYMnsa1FjpUPFQxGD6o_MMo0vX7DbkDYNK_h29GyKOXbEIBMFVOu_yz6qZRUmiNslW8l_Nthzd6GhDTEqpvJzwTqfXLANHLoWtdcZvWb_nfVd_VQe65oWWmBvfNyezh6r04mVOqFgkIP43JTIiyJklFKQNIYTQZGfEifhslv4YAvJ4eO74MAugmA5-_b0Giya8CJcdABWFbI2_tLxTj-yNQp4m7eBil4c1-T83xqBl_YpY3KPEHa5XXptM7olHEyhxHEWO0Y7SYRL-Yt_nqV2kJttZe4xSCphVe7sRkA0LWewg8wddKXQ2S_G9n0ByLNxBRpXhWIQf3sCCqZYNqIa7xSkGwlfuwQvCMNpEbT22bipF8nLEWfQyZTYS_x9KGM-tz99MRrrxqdm5g-Haebd5luAwpzdGOD4-fEXsL0JpTWVMAreCwB62nRZkcOQIOC55QBJBZjKHJ-mfLEbWMMAVCrMXGnSS525Joaa6c_oitbeJ3Opkg4R-vKAVTqLPlHBGVfUnGX3RbitEZNBGME9WZqQpQ8n7JxRAoweag7RFyGsg9Fx8cuQyFjrLZbHA4f1Ru9h-w7QXqiaFPhJkl4UCltk2824MGoufP4VKf9_5iueaQKz93oTt36CQZ2p23dLeXz2XWdQ-CNKsFDM6ZmXC17UWaQ7wY33ReokCTKzfDBUGMAJmzSquT4WJz1FK4_0IjjMFZ9p8yW7jFr_xC5enX-eQ8b3ZdcWqwoR_zkvsrrLQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 02:53:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B1DB 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsui1hXbVbPggM4mrYHt98YA4SHRvmnbrXmWZuhbh0-CDniFCNMHZjNBcL34tZsZalLr2n4UMLtOKbQ3TnZ4XiMpmlmiGcMdIqub-B3XiuZdlrwa&sai=AMfl-YTYjnXCk-_EFpEJBsrfRG0iJnK3zs735pk1POxdULQhcqzqxm6RTCxRyuySychqUtHjQDYAPnXTCPxR&sig=Cg0ArKJSzNK5aFjB8OzYEAE&id=lidar2&mcvt=1000&p=546,202,630,538&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210503&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2229249676&rs=2&met=mue&la=1&cr=1&osd=1&vs=4&rst=1620183214339&dlt=215&rpt=57&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 02:53:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0351 42 B
64 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssI7I57fm9Tavvkh72a3GsMQaqo7r1Vyp1fa9nY6cUX-CRpOdz4PnFqhK8Vg4NSoDNus1mjK_ffi-s7zVI60ioY-Hb7T18Rxzl80Lm_Pf8IWa7hJSANfSw6oXGc1Q&sai=AMfl-YS99s_CXXfdI7G5S6KX8KCIUqv_cUq-dzBP9b4XRcb4aDpIa9TfHavWPc8f5YW2UdEooCZoGsZAcMla&sig=Cg0ArKJSzIQQ-IFq7sb_EAE&id=lidar2&mcvt=1001&p=362,568,642,904&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210503&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2959679708&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620183214364&dlt=531&rpt=38&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 02:53:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-8729195058859236&su=www.geckoandfly.com&doc=complete&pg_h=14429&pg_w=1600&pg_hs=14429&c=3&aa_c=0&av_h=586.667&av_w=336&av_a=197120&s=30&all_s=30&b=12545&all_b=12545&d=0.122&all_d=0.122&ard=0.026&all_ard=0.026&dt=d

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 02:53:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a-cats.webp
cdn3.geckoandfly.com/wp-content/themes/billboard/images/ 12 KB
13 KB 14ms
14ms Image
image/webp 2600:9000:2104:3800:10:e7af:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.geckoandfly.com/wp-content/themes/billboard/images/a-cats.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:3800:10:e7af:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 90c91c9d671aedaf57fcbcfc2713537043949495c22427425c195e2dd3fbc42c

Request headers

Referer: https://www.geckoandfly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 08 Mar 2021 23:38:55 GMT
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
last-modified: Wed, 11 Dec 2019 05:48:53 GMT
server: nginx
age: 4936481
etag: "5df08345-309e"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 12446
x-amz-cf-id: M49BvGp16lsbuOi08VAWvHHNzE41B3r-YKPAYooGHJaQufRsvAtv3A==
expires: Tue, 08 Mar 2022 23:38:55 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:03:06	Name: DSID Value: NO_DATA
.geckoandfly.com/	1970-01-20 03:24:39	Name: __gads Value: ID=cf38fa6467f991bf-22e7206f06c80086:T=1620183214:RT=1620183214:S=ALNI_Mar2mmDqUr3w000m0MBombku3q5OQ
.doubleclick.net/	1970-01-20 03:24:39	Name: IDE Value: AHWqTUmpHZD7wAu-2Hldkw8QlKNkDYuiaLXO9eFSifGBb2PXHEVtMhRZN-gm99JL3-4
.www.geckoandfly.com/	1970-01-19 18:03:03	Name: _gat Value: 1
.doubleclick.net/	1970-01-19 18:03:04	Name: test_cookie Value: CheckForPermission
.www.geckoandfly.com/	1970-01-19 18:04:29	Name: _gid Value: GA1.3.1653458700.1620183214
.www.geckoandfly.com/	1970-01-20 11:34:15	Name: _ga Value: GA1.3.585191448.1620183214

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.geckoandfly.com/wp-content/cache/autoptimize/js/autoptimize_6e52386625383bbdc406ce3499a23785.js(Line 5) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.geckoandfly.com
cdn3.geckoandfly.com
cdn4.geckoandfly.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.geckoandfly.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
172.217.23.98
205.186.140.181
2600:9000:2104:3800:10:e7af:5bc0:93a1
2600:9000:2104:5000:10:e7af:5bc0:93a1
2600:9000:2104:9e00:10:e7af:5bc0:93a1
2a00:1450:4001:800::2002
2a00:1450:4001:803::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
0555479da212f1b6c7737ea365873421c169fb902b4949fa2a35c21ed42448ad
075ee2a733b24063dc92d8357277a93c1ec52db9a2d5b90c940295f772e451f7
0889a02b0e67cd9606c30b6d8e7da2b733f912b3e05e377b83921d658f86d9b4
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ec8760e3452447e02fb4391656744f03643b539ba1531139457b69bd56736a6
0f5699ad1028debf294e74f07eca72cc668a6223f50ac94802513883fb789c02
0f6200558978509a1b16be45564b08cbebffbde560c03beda257bd2d3fb3a3c9
123c7188982f9563916106ea050de072aefb0507a76b87a705a2c8e8c254870c
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2079ac533041003933aeedca897db1a58a97fdf49cab0537e0ee4f067dad2e31
22d9322bf7fd7d5eb21f346b38cb4b0fc19bbb109f09a28e5b36df904f704c1d
27c9511f584288aa1b4c7db05df3470d481bf427e88447e8ce60d66196fb781a
27c9bcb3029c4b7dbe35036a053941ac36f3d548820b3c0acbaa2ded073c001d
28bb7dbc3b0a865cb9affc6891ed9ea7952112e36aab452f0098c84a33c17daf
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3627f631896617d75d5f68abcc1f4a1d1d18d644299a4f871621cb527d3946d1
36b54975d792cc7183bf51b802bf446e417d12ecc426a520439b6841686280bf
371d64aeda8211cf2b08e7c3633f6f1ed2ddc65abe5882f3c8c3f8ef60a578dc
3c794ed9998df8cdf623077dcf9df6523be8080fb2bfd82a61d5ab391ee58c02
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
45c3625b339479105bc0fa5dad0cf5b1ba8dc3b9b3c881576a4d63c2aaf76112
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a8c4b61f77a0f0890e14b6a8210e831cfe82473f5704227e9ceff0421a3b823
4b03a18cef1738e5947b2418729b7d25d40f4cffbe7ff2722eaf114a1c4feb64
52750da96e88f2e665573331357cfc535820bb7fa442738d2338759830853100
560420cd0433d58df730d65f6d16a4a51b3a1f10d027fa50ba7eca5afc4a1826
590f9c247dd6d233a4f89ce87ef8300179f73b6348c579c8578b64d46c66e102
599c14f2f44d17443071e5272e672d1408df3bf2252cd0c126df2bf4c4435ade
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b60d8d410a890078b4d158dcf59824a95b4acc8707c5316b0b6fe3fa0687aed
5b6c4d20965adeb53fff13a1252136dbe0651c2df340e455bd55abec4ae9c4c0
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60c989db643f7e301909f43494b1a284f3320dd6198aba68ee0756aa7b168de3
63c00c30ef9f41ae2192dea0eab02538eb79c053804c7f4bd062f17258fd3026
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
77901b157d6710803174fe1d1586a7cfbc0474a890a865ae478caf93038d52a9
80ab52b69d55dd3cb5fb44990dfa79806d4002c3de0e34a18de80ab62d64dc53
83d02bbc2f57e3291fcd6984f409cfd8a5d758428870fdcd44b849e416154d3e
83d6ac928141210c62ebd17aec46cd982c50898a4427f6a1e925114a6e93b513
8563d429038438debcec9dd545a21eb41434fa7fe8f284820224958dbb11271c
87017c6a000a94707907f6e93a0912e5b7ca4325a48bb05ef9914779071ccd1c
904083575cc1db7b912834eab27643b1048d4511d550cf0e47aa0c98f6156506
90c91c9d671aedaf57fcbcfc2713537043949495c22427425c195e2dd3fbc42c
93a781cbfc27a55c96bd19ce72de068f71b486ce76244b5ffa6575c2e5fcf6bd
94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af
947919bbd6351f3737749e762f1148458d258c1e10c81eeafbc5f9b1f33b706e
94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa
96d89386947fe4d0796ba1d3ef64465c947b19a46b307531b3d74985ac9374ca
98fb931163c6d465c2eeb94b1c7f0b8be14ca670f77744e45ed2d72e67ba8ec9
9b9a7ec563b4bbcbe8812d7ea1f6464bb17769fb31df55c123e413a3a7e41705
9d9c13a65884d4aa13d4443ee5d3fea955f5568b31f76778cb89ee6899e77789
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0a9854412a2f38a20b754657fd8ba6f96b8fab9142f245c2193d03c6bc17591
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a8babd1abdc7caa660fddf3ab60bca0fa1439dea25b86c12f68576b93dec328e
ae8dd2d663d4b3ae35ddbbac628bead3fc1348a6328daf7ee2907d062b426133
bcd31ba352ee949e9f574863142c1280832cbc2a79992eb06affc6dcf2850f6e
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
dcbffb31bdd8ed9a4c70d24a32b89ccd95871b0c0d6e25ef07a3a0e3958f65d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f8a7db89d0b2f94c3095498cad3ff335d71a546d130b075fd58274a7c6b067
e54a1fa30c2a624adbb5a601104d2fa568b5f52e1e28e5648b6856696333d6f4
e5b5f10e2f329f107d7a48b4d4dd02da5da66b94efc9a8eea906ded9eeec13cf
e8b0bff7104c9898d74f4aec37e7cf584c0677d5498b92d3aa923bad9249e53d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5
fcdd2e0bb3392da43f43d2bb971435a631d29ef02eb2d732846d485eeb0bb292

www.geckoandfly.com Open in urlscan Pro 205.186.140.181 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

109 Requests

100 %HTTPS

89 %IPv6

10 Domains

16 Subdomains

19 IPs

2 Countries

1692 kBTransfer

3452 kBSize

7 Cookies

14 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.geckoandfly.com Open in urlscan Pro
205.186.140.181 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

100 %
HTTPS

89 %
IPv6

10
Domains

16
Subdomains

19
IPs

2
Countries

1692 kB
Transfer

3452 kB
Size

7
Cookies

109 HTTP transactions
11 data transactions