dxline.info Open in urlscan Pro
185.66.9.166 Public Scan

URL:
http://dxline.info/
Submission: On August 13 via manual (August 13th 2021, 3:08:57 pm UTC) from US

Summary HTTP 59 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 59 HTTP transactions. The main IP is 185.66.9.166, located in New York, United States and belongs to COGENT-174, US. The main domain is dxline.info.

This is the only time dxline.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	185.66.9.166 185.66.9.166	174 (COGENT-174) (COGENT-174)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	185.63.191.153 185.63.191.153	29182 (THEFIRST-AS) (THEFIRST-AS)
11	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
59	14

20 185.66.9.166 (New York, United States)

ASN174 (COGENT-174, US)

dxline.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.63.191.153 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)

hostru.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	dxline.info dxline.info	827 KB
19	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	344 KB
7	doubleclick.net googleads.g.doubleclick.net	33 KB
4	google.com 1 redirects adservice.google.com www.google.com	2 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	google.de adservice.google.de	975 B
2	google-analytics.com www.google-analytics.com	17 KB
1	gstatic.com fonts.gstatic.com	27 KB
1	googleapis.com fonts.googleapis.com	461 B
1	hostru.online hostru.online	736 B
1	googleadservices.com partner.googleadservices.com	656 B
59	11

	Domain	Requested by
20	dxline.info	dxline.info
11	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com dxline.info pagead2.googlesyndication.com
8	pagead2.googlesyndication.com	dxline.info pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	dxline.info
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	tpc.googlesyndication.com
1	hostru.online	dxline.info
1	partner.googleadservices.com	pagead2.googlesyndication.com
59	13

This site contains links to these domains. Also see Links.

Domain
drugline.info
medprep.info
play.google.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
hostru.online R3	`2021-07-12` - `2021-10-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://dxline.info/
Frame ID: 04A736BEB8ABF61A3F860B5F06680195
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html
Frame ID: 00AF00F3A3FFAA17C3232666A56300A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1358993158890239&output=html&h=90&slotname=2324937496&adk=2515422978&adf=3169601587&pi=t.ma~as.2324937496&w=160&lmt=1628867318&psa=0&url=http%3A%2F%2Fdxline.info%2F&flash=0&wgl=1&dt=1628867318290&bpp=11&bdt=174&idt=64&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&correlator=4006969882872&frm=20&pv=2&ga_vid=1042486685.1628867318&ga_sid=1628867318&ga_hid=1040378548&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2970332555159112&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=n1LIrGE4A2&p=http%3A//dxline.info&dtd=81
Frame ID: 6E65280E5B9125C73C51E977E260F528
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1358993158890239&output=html&h=600&slotname=8083673896&adk=3674806669&adf=1199968654&pi=t.ma~as.8083673896&w=300&lmt=1628867318&psa=0&format=300x600&url=http%3A%2F%2Fdxline.info%2F&flash=0&wgl=1&dt=1628867318301&bpp=1&bdt=186&idt=78&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2324937496&correlator=4006969882872&frm=20&pv=1&ga_vid=1042486685.1628867318&ga_sid=1628867318&ga_hid=1040378548&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2970332555159112&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=LIbQn83wVa&p=http%3A//dxline.info&dtd=81
Frame ID: 5ADF9CD88C1A10FE0FB36D43B7FD406F
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/index.html
Frame ID: D151230F17B6165389ADEBEDEB26A8F8
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 8427E19C57897D95C77E8B15D41D9AE5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1358993158890239&output=html&adk=1812271804&adf=3025194257&lmt=1628867319&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fdxline.info%2F&ea=0&flash=0&pra=7&wgl=1&dt=1628867319361&bpp=1&bdt=1245&idt=1&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4336679270c709ec-223ff6c2aac9007b%3AT%3D1628867318%3ART%3D1628867318%3AS%3DALNI_Ma5ittA0MlxpUTZYEiRuei8gqbZfg&prev_fmts=300x600&prev_slotnames=2324937496&nras=1&correlator=4006969882872&frm=20&pv=1&ga_vid=1042486685.1628867318&ga_sid=1628867318&ga_hid=1040378548&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&psts=AGkb-H-eFvuimCuPlhgcLg7kw5QjdiJpFrwjnD43hDBZG7UwKRRbl8njRK62ejIEtLN3jvA9AROQkADai7U&pvsid=2970332555159112&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=8
Frame ID: 9248BDAB24F7244F3256CCFE5FA27562
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 39A44E721E898F89F7E72E720B7CF989
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E774AD1824F7BF34BB18BC7A4BB9FC18
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
script /jquery-ui.*\.js/i
html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i
script /jquery\.prettyPhoto\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
script /jquery-ui.*\.js/i

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i
script /jquery\.prettyPhoto\.js/i

Page Statistics

59
Requests

63 %
HTTPS

77 %
IPv6

11
Domains

13
Subdomains

14
IPs

3
Countries

1317 kB
Transfer

2055 kB
Size

8
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://drugline.info/
Title: Deutch

Search URL Search Domain Scan URL

URL: http://medprep.info/
Title: Русский

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.itsoftgroup.medicine&feature=top-free#?t=W251bGwsMSwxLDIwNSwiY29tLml0c29mdGdyb3VwLm1lZGljaW5lIl0.
Title: Get the app

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 19

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=316925194&utmhn=dxline.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Prescription%20Drug%20Information%2C%20Side%20Effects%2C%20Interactions&utmhid=1040378548&utmr=-&utmp=%2F&utmht=1628867318333&utmac=UA-45860348-1&utmcc=__utma%3D155801198.1042486685.1628867318.1628867318.1628867318.1%3B%2B__utmz%3D155801198.1628867318.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=671746901&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=316925194&utmhn=dxline.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Prescription%20Drug%20Information%2C%20Side%20Effects%2C%20Interactions&utmhid=1040378548&utmr=-&utmp=%2F&utmht=1628867318333&utmac=UA-45860348-1&utmcc=__utma%3D155801198.1042486685.1628867318.1628867318.1628867318.1%3B%2B__utmz%3D155801198.1628867318.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=671746901&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 33

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

59 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
dxline.info/ 14 KB
4 KB 454ms
313ms Document
text/html 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: http://dxline.info/
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 / PHP/5.4.45-3+deb.sury.org~precise+1
Resource Hash: 31731bd038eea2623dbd64a093a7863a4086d7eb85df437d7ec6955e92bfc044

Request headers

Host: dxline.info
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.10.1
Date: Fri, 13 Aug 2021 15:08:38 GMT
Content-Type: text/html
Content-Length: 4245
Connection: keep-alive
X-Powered-By: PHP/5.4.45-3+deb.sury.org~precise+1
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK styles.css
dxline.info/css/ 14 KB
14 KB 119ms
117ms Stylesheet
text/css 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: http://dxline.info/css/styles.css
Requested by: Host: dxline.info
URL: http://dxline.info/
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 8217ab0990e35af4c88e0cda2840d254fca98cab47ebfd0ed43d1e68debdc6f2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://dxline.info/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:38 GMT
Last-Modified: Fri, 07 Apr 2017 15:14:17 GMT
Server: nginx/1.10.1
ETag: "58e7acc9-379c"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14236

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
49 KB 32ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: dxline.info
URL: http://dxline.info/

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd902c8972819fa72cbec32cc1e70809717d9a174b23ec0ce2cc831e4f82ae33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 13 Aug 2021 15:08:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 16652301563836661712
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 49916
X-XSS-Protection: 0
Expires: Fri, 13 Aug 2021 15:08:38 GMT

GET
H/1.1 200
OK prettyPhoto.css
dxline.info/js/prettyPhoto_uncompressed_3.1.5/css/ 27 KB
27 KB 240ms
217ms Stylesheet
text/css 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: http://dxline.info/js/prettyPhoto_uncompressed_3.1.5/css/prettyPhoto.css
Requested by: Host: dxline.info
URL: http://dxline.info/
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 6a72aab0d3d34e56edf238b971194f6dd1cb76da642089f18177c09c01fdd265

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://dxline.info/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:38 GMT
Last-Modified: Tue, 05 Nov 2013 17:12:52 GMT
Server: nginx/1.10.1
ETag: "52792714-6a12"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27154

GET
H/1.1 200
OK jquery-ui-1.9.2.custom.css
dxline.info/js/jquery-ui-1.9.2.custom/css/ui-lightness/ 32 KB
32 KB 239ms
216ms Stylesheet
text/css 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: http://dxline.info/js/jquery-ui-1.9.2.custom/css/ui-lightness/jquery-ui-1.9.2.custom.css
Requested by: Host: dxline.info
URL: http://dxline.info/
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 6ff5a775a5d7c134dba70e50b42ffbc541cc9a3fd20b43d38f40dddf532b2543

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://dxline.info/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:38 GMT
Last-Modified: Mon, 28 Oct 2013 12:33:43 GMT
Server: nginx/1.10.1
ETag: "526e59a7-7e71"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32369

GET
H/1.1 200
OK fix-styles.css
dxline.info/css/ 2 KB
3 KB 234ms
211ms Stylesheet
text/css 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: http://dxline.info/css/fix-styles.css
Requested by: Host: dxline.info
URL: http://dxline.info/
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 40d56b63f53e381b72062fb421245db8a7b0ec3b5f790ace4ce26c7c3b7d7f37

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://dxline.info/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:38 GMT
Last-Modified: Sat, 23 Nov 2013 22:53:39 GMT
Server: nginx/1.10.1
ETag: "529131f3-9ee"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2542

GET
H/1.1 200
OK responsive.css
dxline.info/css/ 3 KB
3 KB 237ms
214ms Stylesheet
text/css 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: http://dxline.info/css/responsive.css
Requested by: Host: dxline.info
URL: http://dxline.info/
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 4a1504361d6d39b8004d51a519fa1b6c77590d6e72cb59c9772c7e72aa4a89e7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://dxline.info/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:38 GMT
Last-Modified: Wed, 15 Apr 2015 15:27:02 GMT
Server: nginx/1.10.1
ETag: "552e8346-a62"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2658

GET
H/1.1 200
OK jquery.min.js Show response
dxline.info/js/ 92 KB
92 KB 242ms
219ms Script
application/x-javascript 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: http://dxline.info/js/jquery.min.js
Requested by: Host: dxline.info
URL: http://dxline.info/
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 9c7df4ae40ea2889a60ff02db02cd63aff3a56a265e5559184876bc29547aaf9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://dxline.info/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:38 GMT
Last-Modified: Tue, 14 Apr 2015 23:03:52 GMT
Server: nginx/1.10.1
ETag: "552d9cd8-16f62"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94050

GET
H/1.1 200
OK jquery-ui-1.9.2.custom.js Show response
dxline.info/js/jquery-ui-1.9.2.custom/js/ 440 KB
440 KB 239ms
117ms Script
application/x-javascript 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: http://dxline.info/js/jquery-ui-1.9.2.custom/js/jquery-ui-1.9.2.custom.js
Requested by: Host: dxline.info
URL: http://dxline.info/
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: f005ceb4ebadab955ecefd1adf286f663ea6a0c3f3cc5445e66db87fd13af7c9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://dxline.info/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:38 GMT
Last-Modified: Mon, 28 Oct 2013 12:33:43 GMT
Server: nginx/1.10.1
ETag: "526e59a7-6de52"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 450130

GET
H/1.1 200
OK modernizr.js Show response
dxline.info/js/vendor/ 30 KB
31 KB 460ms
119ms Script
application/x-javascript 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: http://dxline.info/js/vendor/modernizr.js
Requested by: Host: dxline.info
URL: http://dxline.info/
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 5ffea19163b0ac6bf4b18728f8782cab37d1c21705687032699bade030accc7c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://dxline.info/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:38 GMT
Last-Modified: Tue, 05 Nov 2013 17:12:52 GMT
Server: nginx/1.10.1
ETag: "52792714-7900"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30976

GET
H/1.1 200
OK jquery.prettyPhoto.js Show response
dxline.info/js/prettyPhoto_uncompressed_3.1.5/js/ 34 KB
35 KB 551ms
119ms Script
application/x-javascript 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: http://dxline.info/js/prettyPhoto_uncompressed_3.1.5/js/jquery.prettyPhoto.js
Requested by: Host: dxline.info
URL: http://dxline.info/
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 69b9f33e4df23fdba9936dde14e85d532ba6850655d6c0696e0bf466ef41884b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://dxline.info/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:38 GMT
Last-Modified: Tue, 05 Nov 2013 17:12:52 GMT
Server: nginx/1.10.1
ETag: "52792714-89a9"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35241

GET
H/1.1 200
OK script.js Show response
dxline.info/js/ 1 KB
1 KB 576ms
117ms Script
application/x-javascript 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: http://dxline.info/js/script.js
Requested by: Host: dxline.info
URL: http://dxline.info/
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 0cdb2143a33c00a0a80a00a6c34970127c36536e663772a8e8b563f53da3398e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://dxline.info/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:38 GMT
Last-Modified: Sat, 23 Nov 2013 21:03:49 GMT
Server: nginx/1.10.1
ETag: "52911835-4b1"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1201

GET
H/1.1 200
OK jquery.yiilistview.js Show response
dxline.info/assets/28d3e2eb/listview/ 5 KB
6 KB 692ms
131ms Script
application/x-javascript 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: http://dxline.info/assets/28d3e2eb/listview/jquery.yiilistview.js
Requested by: Host: dxline.info
URL: http://dxline.info/
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 7f47e900bfd2ed8f17dc0ac0679570f9ca3a0c3a63c7c0efe5f8ffa3ea776df6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://dxline.info/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:38 GMT
Last-Modified: Sun, 08 Sep 2013 23:05:34 GMT
Server: nginx/1.10.1
ETag: "522d02be-15ce"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5582

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: dxline.info
URL: http://dxline.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 6076
date: Fri, 13 Aug 2021 13:27:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 13 Aug 2021 15:27:22 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 404
Not Found body.png
dxline.info/img/ 6 KB
6 KB 584ms
165ms Image
text/html 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dxline.info/img/body.png
Requested by: Host: dxline.info
URL: http://dxline.info/css/styles.css
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 / PHP/5.4.45-3+deb.sury.org~precise+1
Resource Hash: afbe6c2781a419a235802d3cfb49525a8d24f583dcbebfd1682a6684e0bf6476

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dxline.info/css/styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dxline.info/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:38 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/5.4.45-3+deb.sury.org~precise+1
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive
Content-Length: 1930

GET
H/1.1 200
OK graphics.png
dxline.info/img/ 6 KB
7 KB 602ms
120ms Image
image/png 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dxline.info/img/graphics.png
Requested by: Host: dxline.info
URL: http://dxline.info/css/styles.css
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 947ea4bea0c47a9e214ecda05f1a93878ac8b16586754f9ddd9c2750976965e6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dxline.info/css/styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dxline.info/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:38 GMT
Last-Modified: Mon, 28 Oct 2013 12:33:43 GMT
Server: nginx/1.10.1
ETag: "526e59a7-195f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6495

GET
H/1.1 200
OK notoserif-regular-webfont.woff
dxline.info/fonts/ 80 KB
80 KB 220ms
116ms Font
application/octet-stream 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: http://dxline.info/fonts/notoserif-regular-webfont.woff
Requested by: Host: dxline.info
URL: http://dxline.info/css/styles.css
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: bc07a381a549cc3689efdbcf0d91da71f676266ca369b02782fe0f7dda3145ea

Request headers

Pragma: no-cache
Origin: http://dxline.info
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://dxline.info/css/styles.css
Connection: keep-alive
Cache-Control: no-cache
Origin: http://dxline.info
Referer: http://dxline.info/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:38 GMT
Last-Modified: Tue, 05 Nov 2013 17:12:52 GMT
Server: nginx/1.10.1
Connection: keep-alive
Accept-Ranges: bytes
ETag: "1206f9-13ee0-4ea712488ed00"
Content-Length: 81632

GET
H/1.1 200
OK cuprum-regular-webfont.woff
dxline.info/fonts/ 30 KB
31 KB 220ms
118ms Font
application/octet-stream 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: http://dxline.info/fonts/cuprum-regular-webfont.woff
Requested by: Host: dxline.info
URL: http://dxline.info/css/styles.css
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 1c99180d5287bdc58aec69ec6ddf52a0cd63deca36712b531b97f63727242106

Request headers

Pragma: no-cache
Origin: http://dxline.info
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://dxline.info/css/styles.css
Connection: keep-alive
Cache-Control: no-cache
Origin: http://dxline.info
Referer: http://dxline.info/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:38 GMT
Last-Modified: Tue, 05 Nov 2013 17:12:52 GMT
Server: nginx/1.10.1
Connection: keep-alive
Accept-Ranges: bytes
ETag: "1206f6-795c-4ea712488ed00"
Content-Length: 31068

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ 252 KB
94 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1358993158890239&plah=dxline.info

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95570
x-xss-protection: 0
server: cafe
etag: 10066065015092213272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 15:08:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/ Frame 00AF 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210809/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dxline.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dxline.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 12 Aug 2021 21:06:33 GMT
expires: Thu, 26 Aug 2021 21:06:33 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 64925
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=316925194&utmhn=dxline.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Prescripti...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=316925194&utmhn=dxline.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Prescript...

35 B
54 B

14ms
14ms

Image
image/gif

2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=316925194&utmhn=dxline.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Prescription%20Drug%20Information%2C%20Side%20Effects%2C%20Interactions&utmhid=1040378548&utmr=-&utmp=%2F&utmht=1628867318333&utmac=UA-45860348-1&utmcc=__utma%3D155801198.1042486685.1628867318.1628867318.1628867318.1%3B%2B__utmz%3D155801198.1628867318.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=671746901&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: dxline.info
URL: http://dxline.info/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 15:08:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=316925194&utmhn=dxline.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Prescription%20Drug%20Information%2C%20Side%20Effects%2C%20Interactions&utmhid=1040378548&utmr=-&utmp=%2F&utmht=1628867318333&utmac=UA-45860348-1&utmcc=__utma%3D155801198.1042486685.1628867318.1628867318.1628867318.1%3B%2B__utmz%3D155801198.1628867318.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=671746901&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
656 B 144ms
59ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dxline.info&callback=_gfp_s_&client=ca-pub-1358993158890239

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1358993158890239&plah=dxline.info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a902c3acd6ca360faee6e7f8e9885b29a11ebbc4423c560e4b640292b83cb9b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dxline.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 15:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dxline.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 15:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E65 436 B
236 B 374ms
373ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1358993158890239&output=html&h=90&slotname=2324937496&adk=2515422978&adf=3169601587&pi=t.ma~as.2324937496&w=160&lmt=1628867318&psa=0&url=http%3A%2F%2Fdxline.info%2F&flash=0&wgl=1&dt=1628867318290&bpp=11&bdt=174&idt=64&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&correlator=4006969882872&frm=20&pv=2&ga_vid=1042486685.1628867318&ga_sid=1628867318&ga_hid=1040378548&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2970332555159112&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=n1LIrGE4A2&p=http%3A//dxline.info&dtd=81

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98a0bac91cb6fb70dcc762296390b5d6f66b7261f13dbfe8f498b0f46f75b406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1358993158890239&output=html&h=90&slotname=2324937496&adk=2515422978&adf=3169601587&pi=t.ma~as.2324937496&w=160&lmt=1628867318&psa=0&url=http%3A%2F%2Fdxline.info%2F&flash=0&wgl=1&dt=1628867318290&bpp=11&bdt=174&idt=64&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&correlator=4006969882872&frm=20&pv=2&ga_vid=1042486685.1628867318&ga_sid=1628867318&ga_hid=1040378548&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2970332555159112&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=n1LIrGE4A2&p=http%3A//dxline.info&dtd=81
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dxline.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dxline.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Aug 2021 15:08:38 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 13-Aug-2021 15:23:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 15:08:38 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 36ms
17ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffa263f5d44762ba96ccf4475d6da0960f346183c533e582ca0140acadfea7d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:08:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628681433796959"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Fri, 13 Aug 2021 15:08:38 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5ADF 71 KB
24 KB 554ms
554ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1358993158890239&output=html&h=600&slotname=8083673896&adk=3674806669&adf=1199968654&pi=t.ma~as.8083673896&w=300&lmt=1628867318&psa=0&format=300x600&url=http%3A%2F%2Fdxline.info%2F&flash=0&wgl=1&dt=1628867318301&bpp=1&bdt=186&idt=78&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2324937496&correlator=4006969882872&frm=20&pv=1&ga_vid=1042486685.1628867318&ga_sid=1628867318&ga_hid=1040378548&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2970332555159112&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=LIbQn83wVa&p=http%3A//dxline.info&dtd=81

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32b3a7fbd99c083794fbec3f41c328bbb3b8e89716e13ae1dabd22becb24b518

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMD5mM-jrvICFVuDgwcd9vkHEg&gqi=9ooWYezdF6bO7_UPrby2sA4&layout=/sadbundle/%24csp%253Der3%24/6900199605347024896/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1358993158890239&output=html&h=600&slotname=8083673896&adk=3674806669&adf=1199968654&pi=t.ma~as.8083673896&w=300&lmt=1628867318&psa=0&format=300x600&url=http%3A%2F%2Fdxline.info%2F&flash=0&wgl=1&dt=1628867318301&bpp=1&bdt=186&idt=78&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2324937496&correlator=4006969882872&frm=20&pv=1&ga_vid=1042486685.1628867318&ga_sid=1628867318&ga_hid=1040378548&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2970332555159112&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=LIbQn83wVa&p=http%3A//dxline.info&dtd=81
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dxline.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dxline.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMD5mM-jrvICFVuDgwcd9vkHEg&gqi=9ooWYezdF6bO7_UPrby2sA4&layout=/sadbundle/%24csp%253Der3%24/6900199605347024896/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Aug 2021 15:08:38 GMT
server: cafe
content-length: 24139
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 13-Aug-2021 15:23:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 15:08:38 GMT
cache-control: private

GET
H/1.1 200
OK VjtFnJ Show response
hostru.online/ 0
736 B 307ms
106ms Script
application/javascript 185.63.191.153
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hostru.online/VjtFnJ?se_referrer=&default_keyword=Prescription%20Drug%20Information%2C%20Side%20Effects%2C%20Interactions&&frm=script&_cid=17700e5c-9ece-508b-44a9-115b79d0ff75

Requested by

Host: dxline.info
URL: http://dxline.info/js/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.63.191.153 , Russian Federation, ASN29182 (THEFIRST-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 15:08:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 13 Aug 2021 15:08:39 GMT
Server: nginx
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 5ADF 2 KB
1 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1358993158890239&output=html&h=600&slotname=8083673896&adk=3674806669&adf=1199968654&pi=t.ma~as.8083673896&w=300&lmt=1628867318&psa=0&format=300x600&url=http%3A%2F%2Fdxline.info%2F&flash=0&wgl=1&dt=1628867318301&bpp=1&bdt=186&idt=78&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2324937496&correlator=4006969882872&frm=20&pv=1&ga_vid=1042486685.1628867318&ga_sid=1628867318&ga_hid=1040378548&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2970332555159112&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=LIbQn83wVa&p=http%3A//dxline.info&dtd=81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 15:08:31 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5ADF 124 KB
37 KB 29ms
16ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:08:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628681446738120"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38222
x-xss-protection: 0
expires: Fri, 13 Aug 2021 15:08:38 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 5ADF 14 KB
7 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 15:01:24 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/ Frame D151 212 KB
27 KB 21ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2777bf4cb27be4a27a8c6bab9482d7137cbe95526794597f814673531ac204bd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/6900199605347024896/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 10 Aug 2021 03:44:23 GMT
expires: Wed, 10 Aug 2022 03:44:23 GMT
last-modified: Wed, 14 Apr 2021 13:45:19 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 26694
age: 300255
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5ADF 0
0 30ms
30ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cr28X9ooWYcCmGNuGjuwP9vOfkAHWnYqrY-jE0NjqDf3Fot3DJhABILTCmwZglQKgAZjGw4gDyAEJqQKIXhNCX7azPqgDAcgDAqoErQFP0FhkPne6J02f4Fd9n5fGdjlVbyfDCMSTkQ2tODvURbcjJCtlC0_O5qdkkuvQ1mFuKL6Gkms5d4vJsYWQyHaJMnfySXnoTVI-PIw1GQrBSIElpi-jfMo0xLFwgVP_ol1ImFRYY6uN2Qrf1Qa-2nGOZnrv3lidKrRRmxN7SR-e0SJ_OZjMYdiIZP0nUS8vpEUW92GEqf2_-weDXVXb288n_SJKPKpb0tThiNF1EMAEpPHSyM8DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB5aZvXeoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQvKAB0ggJCIDhgHAQARgfgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTEzNTg5OTMxNTg4OTAyMzkYAA&sigh=A74A6xR3nRQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1358993158890239&output=html&h=600&slotname=8083673896&adk=3674806669&adf=1199968654&pi=t.ma~as.8083673896&w=300&lmt=1628867318&psa=0&format=300x600&url=http%3A%2F%2Fdxline.info%2F&flash=0&wgl=1&dt=1628867318301&bpp=1&bdt=186&idt=78&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2324937496&correlator=4006969882872&frm=20&pv=1&ga_vid=1042486685.1628867318&ga_sid=1628867318&ga_hid=1040378548&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2970332555159112&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=LIbQn83wVa&p=http%3A//dxline.info&dtd=81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 13 Aug 2021 15:08:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 13 Aug 2021 15:08:38 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8427 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1358993158890239&output=html&h=600&slotname=8083673896&adk=3674806669&adf=1199968654&pi=t.ma~as.8083673896&w=300&lmt=1628867318&psa=0&format=300x600&url=http%3A%2F%2Fdxline.info%2F&flash=0&wgl=1&dt=1628867318301&bpp=1&bdt=186&idt=78&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2324937496&correlator=4006969882872&frm=20&pv=1&ga_vid=1042486685.1628867318&ga_sid=1628867318&ga_hid=1040378548&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2970332555159112&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=LIbQn83wVa&p=http%3A//dxline.info&dtd=81
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1358993158890239&output=html&h=600&slotname=8083673896&adk=3674806669&adf=1199968654&pi=t.ma~as.8083673896&w=300&lmt=1628867318&psa=0&format=300x600&url=http%3A%2F%2Fdxline.info%2F&flash=0&wgl=1&dt=1628867318301&bpp=1&bdt=186&idt=78&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2324937496&correlator=4006969882872&frm=20&pv=1&ga_vid=1042486685.1628867318&ga_sid=1628867318&ga_hid=1040378548&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2970332555159112&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=LIbQn83wVa&p=http%3A//dxline.info&dtd=81

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 13 Aug 2021 14:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8427
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 13 Aug 2021 15:08:38 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 13-Aug-2021 16:08:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 15:08:38 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 13 Aug 2021 15:08:38 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame D151 2 KB
461 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Heebo:700,regular,500

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a820735819ad61f8b64c1838665bde645ebabdea419274bd3ec69f487960cb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 14:54:31 GMT
server: ESF
date: Fri, 13 Aug 2021 15:08:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Aug 2021 15:08:38 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D151 16 KB
6 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 18:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 13 Aug 2021 18:13:47 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D151 26 KB
10 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 14 Aug 2021 12:37:33 GMT

GET
DATA 200
OK truncated
/ Frame 5ADF 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 992b0100cc7fe71339766331e16959397e4f2fc41906dee9d9af5f44f4882502

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v10/ Frame D151 26 KB
27 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/heebo/v10/NGS6v5_NC0k9P9H2TbE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700,regular,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

305f84b1a2b213b5c07fe806145b7ca9756a6d927a70d57fabade68c62bb90e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 02:27:08 GMT
x-content-type-options: nosniff
age: 304891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27112
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 19:03:17 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 02:27:08 GMT

GET
H3-29 200 wallbox-TMIsotype_horizontal_4.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/ Frame D151 3 KB
1 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/wallbox-TMIsotype_horizontal_4.svg

Requested by

Host: dxline.info
URL: http://dxline.info/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c2b631544ee7c2db25a08951147343fad8ff68623c30382498c8cc4819f547a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 285172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1128
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 13:45:19 GMT
server: sffe
date: Tue, 10 Aug 2021 07:55:47 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 07:55:47 GMT

GET
H3-29 200 wallbox-TMIsotype_horizontal_3.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/ Frame D151 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/wallbox-TMIsotype_horizontal_3.svg

Requested by

Host: dxline.info
URL: http://dxline.info/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6685c62b7b0f86cd5797234d6070c2d841ac403653c66ea0cdf45cabebee5c6f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 285172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1113
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 13:45:19 GMT
server: sffe
date: Tue, 10 Aug 2021 07:55:47 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 07:55:47 GMT

GET
H3-29 200 fondo-display-convert-300x600-3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/ Frame D151 65 KB
65 KB 12ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/fondo-display-convert-300x600-3.png

Requested by

Host: dxline.info
URL: http://dxline.info/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3064e66a5381659aa1fbc07ff479008ab8cddc6b4583bc1db398174aa2268e9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 300956
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66820
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 13:45:19 GMT
server: sffe
date: Tue, 10 Aug 2021 03:32:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 03:32:43 GMT

GET
H3-29 200 fondo-display-convert-300x600-2_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/ Frame D151 49 KB
49 KB 9ms
9ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6900199605347024896/fondo-display-convert-300x600-2_1.png

Requested by

Host: dxline.info
URL: http://dxline.info/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8f1490e1d83c6e7790627798ffe23e78f1abd004434fa67a86bbd4d9726117a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 276311
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50296
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 13:45:19 GMT
server: sffe
date: Tue, 10 Aug 2021 10:23:28 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 10:23:28 GMT

GET
H/1.1 200
OK dropdown.js
dxline.info/js/plugins/ 6 KB
6 KB 117ms
117ms Image
application/x-javascript 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dxline.info/js/plugins/dropdown.js
Requested by: Host: dxline.info
URL: http://dxline.info/
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dxline.info/
Cookie: __utma=155801198.1042486685.1628867318.1628867318.1628867318.1; __utmc=155801198; __utmz=155801198.1628867318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=155801198.1.10.1628867318; __gads=ID=4336679270c709ec-223ff6c2aac9007b:T=1628867318:RT=1628867318:S=ALNI_Ma5ittA0MlxpUTZYEiRuei8gqbZfg
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:39 GMT
Last-Modified: Tue, 05 Nov 2013 17:12:52 GMT
Server: nginx/1.10.1
ETag: "52792714-161a"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5658

GET
H/1.1 200
OK helpers.js
dxline.info/js/ 3 KB
3 KB 120ms
120ms Image
application/x-javascript 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dxline.info/js/helpers.js
Requested by: Host: dxline.info
URL: http://dxline.info/
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dxline.info/
Cookie: __utma=155801198.1042486685.1628867318.1628867318.1628867318.1; __utmc=155801198; __utmz=155801198.1628867318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=155801198.1.10.1628867318; __gads=ID=4336679270c709ec-223ff6c2aac9007b:T=1628867318:RT=1628867318:S=ALNI_Ma5ittA0MlxpUTZYEiRuei8gqbZfg
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:39 GMT
Last-Modified: Tue, 05 Nov 2013 17:12:52 GMT
Server: nginx/1.10.1
ETag: "52792714-a01"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2561

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 27ms
26ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fdxline.info%2F&tn=DIV&cls=l-header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: dxline.info
URL: http://dxline.info/

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 15:08:39 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dxline.info

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 15:08:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dxline.info

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 15:08:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9248 13 KB
5 KB 478ms
478ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1358993158890239&output=html&adk=1812271804&adf=3025194257&lmt=1628867319&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fdxline.info%2F&ea=0&flash=0&pra=7&wgl=1&dt=1628867319361&bpp=1&bdt=1245&idt=1&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4336679270c709ec-223ff6c2aac9007b%3AT%3D1628867318%3ART%3D1628867318%3AS%3DALNI_Ma5ittA0MlxpUTZYEiRuei8gqbZfg&prev_fmts=300x600&prev_slotnames=2324937496&nras=1&correlator=4006969882872&frm=20&pv=1&ga_vid=1042486685.1628867318&ga_sid=1628867318&ga_hid=1040378548&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&psts=AGkb-H-eFvuimCuPlhgcLg7kw5QjdiJpFrwjnD43hDBZG7UwKRRbl8njRK62ejIEtLN3jvA9AROQkADai7U&pvsid=2970332555159112&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=8

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c47fbfabe286c16f7474d39361503bd4c772919b4bbedc1069ae70c0f622aeec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1358993158890239&output=html&adk=1812271804&adf=3025194257&lmt=1628867319&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fdxline.info%2F&ea=0&flash=0&pra=7&wgl=1&dt=1628867319361&bpp=1&bdt=1245&idt=1&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4336679270c709ec-223ff6c2aac9007b%3AT%3D1628867318%3ART%3D1628867318%3AS%3DALNI_Ma5ittA0MlxpUTZYEiRuei8gqbZfg&prev_fmts=300x600&prev_slotnames=2324937496&nras=1&correlator=4006969882872&frm=20&pv=1&ga_vid=1042486685.1628867318&ga_sid=1628867318&ga_hid=1040378548&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&psts=AGkb-H-eFvuimCuPlhgcLg7kw5QjdiJpFrwjnD43hDBZG7UwKRRbl8njRK62ejIEtLN3jvA9AROQkADai7U&pvsid=2970332555159112&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dxline.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmMRt5xpeSRccCMDn4TXRYe7dtXQj7uQy2MvSaALtAGqJsnt0Oj1oS_az4jpBg; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dxline.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Aug 2021 15:08:39 GMT
server: cafe
content-length: 4634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dropdown.js Show response
dxline.info/js/plugins/ 6 KB
6 KB 118ms
117ms Script
application/x-javascript 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: http://dxline.info/js/plugins/dropdown.js
Requested by: Host: dxline.info
URL: http://dxline.info/js/vendor/modernizr.js
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: a8faf5f3edda79bb6602f687ac56c1b5b74512604900f417bba1249a2b182adc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://dxline.info/
Cookie: __utma=155801198.1042486685.1628867318.1628867318.1628867318.1; __utmc=155801198; __utmz=155801198.1628867318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=155801198.1.10.1628867318; __gads=ID=4336679270c709ec-223ff6c2aac9007b:T=1628867318:RT=1628867318:S=ALNI_Ma5ittA0MlxpUTZYEiRuei8gqbZfg
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:39 GMT
Last-Modified: Tue, 05 Nov 2013 17:12:52 GMT
Server: nginx/1.10.1
ETag: "52792714-161a"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5658

GET
H/1.1 200
OK helpers.js Show response
dxline.info/js/ 3 KB
3 KB 118ms
118ms Script
application/x-javascript 185.66.9.166
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: http://dxline.info/js/helpers.js
Requested by: Host: dxline.info
URL: http://dxline.info/js/vendor/modernizr.js
Protocol: HTTP/1.1
Server: 185.66.9.166 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: b931ba81f649ec499569eacbdcecb1d4436b63c51b4547d6c2bba181cd7995ed

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dxline.info
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://dxline.info/
Cookie: __utma=155801198.1042486685.1628867318.1628867318.1628867318.1; __utmc=155801198; __utmz=155801198.1628867318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=155801198.1.10.1628867318; __gads=ID=4336679270c709ec-223ff6c2aac9007b:T=1628867318:RT=1628867318:S=ALNI_Ma5ittA0MlxpUTZYEiRuei8gqbZfg
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:08:39 GMT
Last-Modified: Tue, 05 Nov 2013 17:12:52 GMT
Server: nginx/1.10.1
ETag: "52792714-a01"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2561

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 33ms
20ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210809&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b1718ae2d6ea2476136c778b62f1722358a1c7a39849fff5dc872417b1fe85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 15:08:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8487
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 1176ms
1176ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 13 Aug 2021 15:08:41 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5ADF 42 B
64 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkN07WVUGVBxJrLSQ6TwSFbB4NoDe1THc6KV6Cp6ZijUbDG96b5UFm8ebQNI1bbidgOsBR_piy043VzxnJYBCLp_yHd6WBS7wnnTL2Izm1Vahy1PotbO85eV9_sA&sai=AMfl-YR37CL1OXyLNvVBw6Fhmqi9l9Ey5tYLqvuKSLbal9Qd8UcMKS3O3r5TqMRFC7sgBJD_W6GuGbS4QnEW&sig=Cg0ArKJSzCryI1c5gmSoEAE&id=lidar2&mcvt=1000&p=366,1100,966,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210811&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3674806669&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1628867318383&dlt=557&rpt=645&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 15:08:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 39A4 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dxline.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dxline.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 13 Aug 2021 14:21:00 GMT
expires: Sat, 13 Aug 2022 14:21:00 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E774 783 B
833 B 17ms
17ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9b137a1769b3389bbd324a40ab0a30119abb94b9ea7259c041c5f19262b024c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eQUh506TAbpGRM5RLap29w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dxline.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dxline.info/

Response headers

expires: Fri, 13 Aug 2021 15:08:41 GMT
date: Fri, 13 Aug 2021 15:08:41 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-eQUh506TAbpGRM5RLap29w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js Show response
pagead2.googlesyndication.com/bg/ Frame 39A4 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13373
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:32:11 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 106ms
93ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210809&jk=2970332555159112&bg=!MTKlMnbNAAbOj6irzo87ACkAdvg8WkgKAKYr5cKFcF8lCHmBA4pbMNr88D9nXiX6paHdR87AONbQ1gIAAABgUgAAAAtoAQcKAIMYapcB7sJxWX7V2dFocbSxBu0H0is3XvPpQQ_7VeAg2ZAsfyDewAungN6zjPFQBzoXZU9J019aUAHIVoeZ1dTZqrc8lGHt1rI0gcg1Wb9iw6r3IY0RLeJOB1bM4Z7xxaWvR5di_paKhKoizH59X4qfOHEZBG2ENzta0bpVrV5Q_hQP4JkCd0adfEF9lsufKQKRZc7tXOIc0J62e1mI8s4YSPKUh86CgyGZ-UI3uMSzgAUJ3Hjfjd2Zy4aV8cc8DA55QUUfreEzbt8SK4-RFF9y5BYMmahfmU3_Q1ANSKPTG0qG6u_0xDV3YEjqvTOfjjkAVV1R7p4mHZ6vrITR5lhaRrNWL5mMkiattiKGGCdWx_MWlg2lkQFQ9Afc1PlhCZGXqvLVEq11FsJoJGCsBvxG4ZAj7JI86wpVE4GamLggih5Hq2YJxoRdHVxaVdy_8RjMJeS9lpdnVL_ufzJaskKQ0PgqyCKGCzZ-38xhxO-ImqdH9KYaeKQ24JyebjvYrXXn-hzMVrU8EH5_XlhcmJqCwtuu-KP5LI2j8EgMnSjjt3gd5OJwIpgsudxtRLkvLiyMHKKepLQ874giPRv7wADjLJPtuvfdDldgKYdCiVtOCVWJYYYjLLqlQVgiVUHHy8OMNvGB4VmCme4IMyQ3PAJbiz64A6bdCUB_7OdVZDN8m9TTBVU2I2bVEIDmHv1ivUW5s2IvwsciJcMEtsytJRvdt-jp1g4aEqdhwF_cbtOutO0I1ssetT_1bCV5wngxkpEuwHPuhKfOsy9gz4Lg6V7JAznXNV8pLhiZ6iKDyxwvnXEemWTyR9lG2Q9BvAByW1dpctECl7A2X9yeIYK620B4YgkB1FU84QXUW7Rn7GTKxT_TnN47pxReZyuBGnfsHJ1379N2B2mlIsaplGic7-E49Qe6dO91787siTrtpvDzj42EbUD7EDTLtQs4-PfEqm_lIDilq5PfUpEK5Zl9x1IYb6A0xMAQYdxLXzu0jMMXs-sHAK07CsH7EgcIJ9c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dxline.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D151 0
121 B 27ms
26ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=139.0000&a1=https&f1=layout_html&s1=0&d1=30.0000&i=528072299264&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F6900199605347024896%2Findex.html&gqi=9ooWYezdF6bO7_UPrby2sA4&qqi=CMD5mM-jrvICFVuDgwcd9vkHEg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 15:08:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 05:49:23	Name: IDE Value: AHWqTUmMRt5xpeSRccCMDn4TXRYe7dtXQj7uQy2MvSaALtAGqJsnt0Oj1oS_az4jpBg
.dxline.info/	1970-01-20 05:49:23	Name: __gads Value: ID=4336679270c709ec-223ff6c2aac9007b:T=1628867318:RT=1628867318:S=ALNI_Ma5ittA0MlxpUTZYEiRuei8gqbZfg
.doubleclick.net/	1970-01-19 20:27:50	Name: DSID Value: NO_DATA
.dxline.info/	1970-01-19 20:27:49	Name: __utmb Value: 155801198.1.10.1628867318
.dxline.info/	1970-01-19 20:27:47	Name: __utmt Value: 1
.dxline.info/	1970-01-20 00:50:35	Name: __utmz Value: 155801198.1628867318.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.dxline.info/	1969-12-31 23:59:59	Name: __utmc Value: 155801198
.dxline.info/	1970-01-20 13:58:59	Name: __utma Value: 155801198.1042486685.1628867318.1628867318.1628867318.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
dxline.info
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hostru.online
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
142.250.186.34
185.63.191.153
185.66.9.166
2a00:1450:4001:802::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
0cdb2143a33c00a0a80a00a6c34970127c36536e663772a8e8b563f53da3398e
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c99180d5287bdc58aec69ec6ddf52a0cd63deca36712b531b97f63727242106
2777bf4cb27be4a27a8c6bab9482d7137cbe95526794597f814673531ac204bd
305f84b1a2b213b5c07fe806145b7ca9756a6d927a70d57fabade68c62bb90e4
31731bd038eea2623dbd64a093a7863a4086d7eb85df437d7ec6955e92bfc044
32b3a7fbd99c083794fbec3f41c328bbb3b8e89716e13ae1dabd22becb24b518
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
40d56b63f53e381b72062fb421245db8a7b0ec3b5f790ace4ce26c7c3b7d7f37
4a1504361d6d39b8004d51a519fa1b6c77590d6e72cb59c9772c7e72aa4a89e7
4b1718ae2d6ea2476136c778b62f1722358a1c7a39849fff5dc872417b1fe85d
4c2b631544ee7c2db25a08951147343fad8ff68623c30382498c8cc4819f547a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5ffea19163b0ac6bf4b18728f8782cab37d1c21705687032699bade030accc7c
6685c62b7b0f86cd5797234d6070c2d841ac403653c66ea0cdf45cabebee5c6f
69b9f33e4df23fdba9936dde14e85d532ba6850655d6c0696e0bf466ef41884b
6a72aab0d3d34e56edf238b971194f6dd1cb76da642089f18177c09c01fdd265
6ff5a775a5d7c134dba70e50b42ffbc541cc9a3fd20b43d38f40dddf532b2543
7f47e900bfd2ed8f17dc0ac0679570f9ca3a0c3a63c7c0efe5f8ffa3ea776df6
8217ab0990e35af4c88e0cda2840d254fca98cab47ebfd0ed43d1e68debdc6f2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a820735819ad61f8b64c1838665bde645ebabdea419274bd3ec69f487960cb0
947ea4bea0c47a9e214ecda05f1a93878ac8b16586754f9ddd9c2750976965e6
98a0bac91cb6fb70dcc762296390b5d6f66b7261f13dbfe8f498b0f46f75b406
992b0100cc7fe71339766331e16959397e4f2fc41906dee9d9af5f44f4882502
9b137a1769b3389bbd324a40ab0a30119abb94b9ea7259c041c5f19262b024c8
9c7df4ae40ea2889a60ff02db02cd63aff3a56a265e5559184876bc29547aaf9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a8faf5f3edda79bb6602f687ac56c1b5b74512604900f417bba1249a2b182adc
a902c3acd6ca360faee6e7f8e9885b29a11ebbc4423c560e4b640292b83cb9b1
afbe6c2781a419a235802d3cfb49525a8d24f583dcbebfd1682a6684e0bf6476
b3064e66a5381659aa1fbc07ff479008ab8cddc6b4583bc1db398174aa2268e9
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871
b8f1490e1d83c6e7790627798ffe23e78f1abd004434fa67a86bbd4d9726117a
b931ba81f649ec499569eacbdcecb1d4436b63c51b4547d6c2bba181cd7995ed
bc07a381a549cc3689efdbcf0d91da71f676266ca369b02782fe0f7dda3145ea
c47fbfabe286c16f7474d39361503bd4c772919b4bbedc1069ae70c0f622aeec
d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85
dd902c8972819fa72cbec32cc1e70809717d9a174b23ec0ce2cc831e4f82ae33
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f005ceb4ebadab955ecefd1adf286f663ea6a0c3f3cc5445e66db87fd13af7c9
ffa263f5d44762ba96ccf4475d6da0960f346183c533e582ca0140acadfea7d6

dxline.info Open in urlscan Pro 185.66.9.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

59 Requests

63 %HTTPS

77 %IPv6

11 Domains

13 Subdomains

14 IPs

3 Countries

1317 kBTransfer

2055 kBSize

8 Cookies

3 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dxline.info Open in urlscan Pro
185.66.9.166 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

63 %
HTTPS

77 %
IPv6

11
Domains

13
Subdomains

14
IPs

3
Countries

1317 kB
Transfer

2055 kB
Size

8
Cookies

59 HTTP transactions
1 data transactions