camstudio.org Open in urlscan Pro
209.59.174.236 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://camstudio.org/
Submission: On September 17 via api (September 17th 2021, 11:29:03 pm UTC) from GB — Scanned from DE

Summary HTTP 50 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 50 HTTP transactions. The main IP is 209.59.174.236, located in United States and belongs to LIQUIDWEB, US. The main domain is camstudio.org.
TLS certificate: Issued by R3 on August 30th 2021. Valid for: 3 months.

This is the only time camstudio.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	209.59.174.236 209.59.174.236	32244 (LIQUIDWEB) (LIQUIDWEB)
1	52.217.1.166 52.217.1.166	16509 (AMAZON-02) (AMAZON-02)
9	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	172.67.80.85 172.67.80.85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
10	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	204.68.111.105 204.68.111.105	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	172.217.19.98 172.217.19.98	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
13	142.250.185.225 142.250.185.225	15169 (GOOGLE) (GOOGLE)
1	104.18.15.218 104.18.15.218	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
50	14

6 209.59.174.236 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host2.ironjet.com

camstudio.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.1.166 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.80.85 (United States)

ASN13335 (CLOUDFLARENET, US)

www.honesteonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.68.111.105 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

sourceforge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.19.98 (United States)

ASN15169 (GOOGLE, US)
PTR: muc03s07-in-f98.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.15.218 (None, )

ASN13335 (CLOUDFLARENET, US)

a.fsdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.196 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	314 KB
10	doubleclick.net googleads.g.doubleclick.net	61 KB
6	camstudio.org camstudio.org	58 KB
4	google.com 2 redirects adservice.google.com www.google.com	1 KB
3	googletagservices.com www.googletagservices.com	105 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	fsdn.com a.fsdn.com	8 KB
1	googleadservices.com partner.googleadservices.com	659 B
1	sourceforge.net sourceforge.net	1 KB
1	honesteonline.com www.honesteonline.com	5 KB
1	amazonaws.com s3.amazonaws.com
50	11

	Domain	Requested by
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	camstudio.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	camstudio.org	camstudio.org
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.google-analytics.com	camstudio.org www.google-analytics.com
1	a.fsdn.com	camstudio.org
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sourceforge.net	camstudio.org
1	www.honesteonline.com	camstudio.org
1	s3.amazonaws.com	camstudio.org
50	13

This site contains links to these domains. Also see Links.

Domain
cs07112018.s3.us-east-2.amazonaws.com
www.gnu.org
sourceforge.net
www.honesteonline.com

Subject Issuer	Validity	Valid
camstudio.org R3	`2021-08-30` - `2021-11-28`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
sourceforge.net R3	`2021-08-25` - `2021-11-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://camstudio.org/
Frame ID: C57C0EAE00159FD94A24701D0F33BF55
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html
Frame ID: D92E50CF0C530E1A90A81822A2539185
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7724567992657709&output=html&h=280&slotname=9794017839&adk=401930702&adf=2158763885&pi=t.ma~as.9794017839&w=336&lmt=1631921338&psa=0&format=336x280&url=https%3A%2F%2Fcamstudio.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631921338508&bpp=4&bdt=567&idt=77&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&correlator=965845914248&frm=20&pv=2&ga_vid=1203543753.1631921339&ga_sid=1631921339&ga_hid=163709825&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=632&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750532%2C31062094&oid=3&pvsid=2741937215992042&pem=295&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nH0PqjWTDP&p=https%3A//camstudio.org&dtd=95
Frame ID: 15F6A350BE74D772F82D8B0AED1D3F60
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7724567992657709&output=html&h=280&slotname=5084616630&adk=838702270&adf=1582090613&pi=t.ma~as.5084616630&w=660&fwrn=4&fwrnh=100&lmt=1631921338&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fcamstudio.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631921338525&bpp=2&bdt=584&idt=84&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=965845914248&frm=20&pv=1&ga_vid=1203543753.1631921339&ga_sid=1631921339&ga_hid=163709825&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=470&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750532%2C31062094&oid=3&pvsid=2741937215992042&pem=295&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WBRMayfsVg&p=https%3A//camstudio.org&dtd=89
Frame ID: 4DA6F5EC440FAA095476749307CAF4DC
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7724567992657709&output=html&adk=1812271804&adf=3025194257&lmt=1631921338&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcamstudio.org%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631921338528&bpp=1&bdt=587&idt=93&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C660x280&nras=1&correlator=965845914248&frm=20&pv=1&ga_vid=1203543753.1631921339&ga_sid=1631921339&ga_hid=163709825&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750532%2C31062094&oid=3&pvsid=2741937215992042&pem=295&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=99
Frame ID: C6EDFF31C9DAC746DA3B30F98484478E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7168318D393FB134FBA36B80EA0A61E2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js
Frame ID: C4AC824C6E0030577E572E52D4E72188
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 414EFF9E4E0F1F5292B4A5F74B6B555B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js
Frame ID: 32EEF27043140E5C81F4D81F56F9BFDC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2B05C967206BA514B8D0D24AD025FA7D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA134C1A85EA87B2B7DD958734E480BC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CamStudio - Free Screen Recording Software

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

50
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

14
IPs

2
Countries

573 kB
Transfer

1340 kB
Size

7
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://cs07112018.s3.us-east-2.amazonaws.com/CamStudioSetup.exe
Title: Download CamStudio - Desktop Screen Recorder

Search URL Search Domain Scan URL

URL: https://www.gnu.org/licenses/licenses.html
Title: click here

Search URL Search Domain Scan URL

URL: https://sourceforge.net/projects/camstudio/files/legacy/CamStudioCodec_1.5_Setup.exe/download?accel_key=54%3A089ccdc8-180f-11ec-a16e-de6476c01aa5&click_id=089ccf62-180f-11ec-a16e-de6476c01aa5&source=accel

Search URL Search Domain Scan URL

URL: https://www.honesteonline.com/members/consumerpage.php?company=138&link=519

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 42

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

50 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
camstudio.org/ 17 KB
17 KB 515ms
150ms Document
text/html 209.59.174.236
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://camstudio.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.174.236 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host2.ironjet.com
Software: Apache/2.4.48 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 / PHP/7.0.33
Resource Hash: b6d82653fbde6f16823a03da776f0aae75045a81eabd174480f637a76cd65b15

Request headers

:method: GET
:authority: camstudio.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 17 Sep 2021 23:28:58 GMT
server: Apache/2.4.48 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
x-powered-by: PHP/7.0.33
content-type: text/html; charset=UTF-8

GET
H2 200 style.css
camstudio.org/ 1 KB
1 KB 118ms
118ms Stylesheet
text/css 209.59.174.236
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://camstudio.org/style.css
Requested by: Host: camstudio.org
URL: https://camstudio.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.174.236 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host2.ironjet.com
Software: Apache/2.4.48 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: 221b2b97d2e26770903a874cd9607aa1e40e93495651de12dc000d1543f86993

Request headers

:path: /style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: camstudio.org
referer: https://camstudio.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 23:28:58 GMT
last-modified: Sun, 01 Jan 2012 19:22:09 GMT
server: Apache/2.4.48 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
accept-ranges: bytes
etag: "19f070-406-4b57c61d89a40"
content-length: 1030
content-type: text/css

GET
H/1.1 403
Forbidden cookieconsent.latest.min.js
s3.amazonaws.com/cc.silktide.com/ 0
0 484ms
112ms Script
application/xml 52.217.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cc.silktide.com/cookieconsent.latest.min.js
Requested by: Host: camstudio.org
URL: https://camstudio.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.1.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 logo-new.gif
camstudio.org/images/ 4 KB
4 KB 118ms
118ms Image
image/gif 209.59.174.236
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://camstudio.org/images/logo-new.gif
Requested by: Host: camstudio.org
URL: https://camstudio.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.174.236 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host2.ironjet.com
Software: Apache/2.4.48 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: b8d9c998da641c7f42f42f1ea114611ff63a29de69367b2ea75c0c5efd565d7e

Request headers

:path: /images/logo-new.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: camstudio.org
referer: https://camstudio.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 23:28:58 GMT
last-modified: Sun, 30 Sep 2007 08:30:49 GMT
server: Apache/2.4.48 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
accept-ranges: bytes
etag: "19f39c-1042-43b56231a6040"
content-length: 4162
content-type: image/gif

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
48 KB 85ms
49ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: camstudio.org
URL: https://camstudio.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

697bfa7d90c984ab7f5493f3d094a92bf1852604b3dd8c0fe8146dba08ef8526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 23:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49015
x-xss-protection: 0
server: cafe
etag: 6245845363162115944
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 23:28:58 GMT

GET
H2 200 BigGreenDownload.png
camstudio.org/images/ 26 KB
26 KB 118ms
118ms Image
image/png 209.59.174.236
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://camstudio.org/images/BigGreenDownload.png
Requested by: Host: camstudio.org
URL: https://camstudio.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.174.236 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host2.ironjet.com
Software: Apache/2.4.48 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: 30fdb119b05e2b0d16c06514793054eedb982d72417f5005ebd5868baf7c347e

Request headers

:path: /images/BigGreenDownload.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: camstudio.org
referer: https://camstudio.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 23:28:58 GMT
last-modified: Mon, 04 Feb 2013 15:55:32 GMT
server: Apache/2.4.48 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
accept-ranges: bytes
etag: "19f371-6793-4d4e81f736500"
content-length: 26515
content-type: image/png

GET
H2 200 windows_compatible.jpg
camstudio.org/images/ 9 KB
9 KB 119ms
119ms Image
image/jpeg 209.59.174.236
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://camstudio.org/images/windows_compatible.jpg
Requested by: Host: camstudio.org
URL: https://camstudio.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.174.236 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host2.ironjet.com
Software: Apache/2.4.48 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: b267e778ba84b6f53cf8c9edc25f381d2830f0bdb56a72a448dff55d739484bd

Request headers

:path: /images/windows_compatible.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: camstudio.org
referer: https://camstudio.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 23:28:58 GMT
last-modified: Mon, 04 Feb 2013 15:55:47 GMT
server: Apache/2.4.48 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
accept-ranges: bytes
etag: "19f3af-241b-4d4e8205846c0"
content-length: 9243
content-type: image/jpeg

GET
H2 200 smilie.gif
camstudio.org/images/ 169 B
244 B 119ms
118ms Image
image/gif 209.59.174.236
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://camstudio.org/images/smilie.gif
Requested by: Host: camstudio.org
URL: https://camstudio.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.174.236 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host2.ironjet.com
Software: Apache/2.4.48 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: 0f113e269bfeb565ededb6da231ce905e93562b96de4490107fab6f0bf793440

Request headers

:path: /images/smilie.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: camstudio.org
referer: https://camstudio.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 23:28:58 GMT
last-modified: Fri, 20 May 2005 23:50:53 GMT
server: Apache/2.4.48 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
accept-ranges: bytes
etag: "19f3a8-a9-3f7926477f140"
content-length: 169
content-type: image/gif

GET
H2 200 HEO_LogoRct5.jpg
www.honesteonline.com/images/ 4 KB
5 KB 74ms
22ms Image
image/jpeg 172.67.80.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.honesteonline.com/images/HEO_LogoRct5.jpg
Requested by: Host: camstudio.org
URL: https://camstudio.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.80.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e3af96e1fe4a3c86e9571bb471accd1a669d51e0e737dd64d483a6491f37b286

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 23:28:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1762884
x-powered-by: PleskLin
content-length: 4151
last-modified: Thu, 16 Aug 2012 04:47:00 GMT
server: cloudflare
etag: "502c7b44-1037"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfJkU2ioSt15cZxjfts9UYBliqM86YNBRmg0ZrW7b6l2JIMITl7yxq93V5Oz6RXY7Po2BnDU1Rl%2FlwzPDPTfT5YbbDRjTVzGooFwG%2BhRPkM4S1WJ9Hn5mOrQ79KjffkGrphdaCHKQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=290304000
accept-ranges: bytes
cf-ray: 69061d2dcd7f2794-PRG
cf-bgj: h2pri

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 28ms
6ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: camstudio.org
URL: https://camstudio.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2521
date: Fri, 17 Sep 2021 22:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 18 Sep 2021 00:46:57 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/ 253 KB
94 KB 32ms
31ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e02f265a1e48c90891bf069c8ce4646c08c8ac6ce28da5340719c3f667b51c30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 23:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95713
x-xss-protection: 0
server: cafe
etag: 12079502388749246152
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 23:28:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/ Frame D92E 10 KB
5 KB 28ms
6ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210915/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://camstudio.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 17 Sep 2021 12:31:14 GMT
expires: Fri, 01 Oct 2021 12:31:14 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 39464
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 js Show response
sourceforge.net/accelerator/ 2 KB
1 KB 539ms
182ms Script
application/javascript 204.68.111.105
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://sourceforge.net/accelerator/js?partner_id=54&button_size=small

Requested by

Host: camstudio.org
URL: https://camstudio.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

204.68.111.105 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

f9dd6325e2e59cdea34acd62afc7744abf016fbd396cba7dfd1dfa5d0b691f53

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 23:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache
content-security-policy: frame-ancestors 'self', upgrade-insecure-requests
strict-transport-security: max-age=31536000
x-ua-compatible: IE=edge,chrome=1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 50ms
23ms XHR
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=163709825&t=pageview&_s=1&dl=https%3A%2F%2Fcamstudio.org%2F&ul=en-us&de=UTF-8&dt=CamStudio%20-%20Free%20Screen%20Recording%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1159726741&gjid=95540371&cid=1203543753.1631921339&tid=UA-133984-3&_gid=235079592.1631921339&_r=1&_slc=1&z=253199527

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://camstudio.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 23:28:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://camstudio.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
659 B 155ms
49ms Script
text/javascript 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=camstudio.org&callback=_gfp_s_&client=ca-pub-7724567992657709

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

cafe /

Resource Hash

65c1eec102260e467d296000961af50506eb13f48ce17da647df8da6d2eb6c35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 23:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 38ms
16ms Script
application/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=camstudio.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Sep 2021 23:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 15F6 66 KB
25 KB 535ms
520ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7724567992657709&output=html&h=280&slotname=9794017839&adk=401930702&adf=2158763885&pi=t.ma~as.9794017839&w=336&lmt=1631921338&psa=0&format=336x280&url=https%3A%2F%2Fcamstudio.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631921338508&bpp=4&bdt=567&idt=77&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&correlator=965845914248&frm=20&pv=2&ga_vid=1203543753.1631921339&ga_sid=1631921339&ga_hid=163709825&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=632&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750532%2C31062094&oid=3&pvsid=2741937215992042&pem=295&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nH0PqjWTDP&p=https%3A//camstudio.org&dtd=95

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

181677484bc9e9f343a9e3de02a8c7bdbb259344d76f55e2353e5f1cf77d9ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7724567992657709&output=html&h=280&slotname=9794017839&adk=401930702&adf=2158763885&pi=t.ma~as.9794017839&w=336&lmt=1631921338&psa=0&format=336x280&url=https%3A%2F%2Fcamstudio.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631921338508&bpp=4&bdt=567&idt=77&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&correlator=965845914248&frm=20&pv=2&ga_vid=1203543753.1631921339&ga_sid=1631921339&ga_hid=163709825&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=632&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750532%2C31062094&oid=3&pvsid=2741937215992042&pem=295&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nH0PqjWTDP&p=https%3A//camstudio.org&dtd=95
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://camstudio.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 17 Sep 2021 23:28:59 GMT
server: cafe
content-length: 25176
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 17-Sep-2021 23:43:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 17 Sep 2021 23:28:59 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 253ms
201ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

24d026371427b41d6d168c5d4c18de465b026afc3907c86c8f3b3bc31bd87467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 23:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
server: sffe
etag: "1631879122047051"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Fri, 17 Sep 2021 23:28:58 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4DA6 88 KB
27 KB 427ms
422ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7724567992657709&output=html&h=280&slotname=5084616630&adk=838702270&adf=1582090613&pi=t.ma~as.5084616630&w=660&fwrn=4&fwrnh=100&lmt=1631921338&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fcamstudio.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631921338525&bpp=2&bdt=584&idt=84&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=965845914248&frm=20&pv=1&ga_vid=1203543753.1631921339&ga_sid=1631921339&ga_hid=163709825&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=470&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750532%2C31062094&oid=3&pvsid=2741937215992042&pem=295&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WBRMayfsVg&p=https%3A//camstudio.org&dtd=89

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ff0eed92ebc735e43eb75297b103c198eb4804b164c02311dcb198fbd9179970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7724567992657709&output=html&h=280&slotname=5084616630&adk=838702270&adf=1582090613&pi=t.ma~as.5084616630&w=660&fwrn=4&fwrnh=100&lmt=1631921338&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fcamstudio.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631921338525&bpp=2&bdt=584&idt=84&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=965845914248&frm=20&pv=1&ga_vid=1203543753.1631921339&ga_sid=1631921339&ga_hid=163709825&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=470&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750532%2C31062094&oid=3&pvsid=2741937215992042&pem=295&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WBRMayfsVg&p=https%3A//camstudio.org&dtd=89
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://camstudio.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 17 Sep 2021 23:28:59 GMT
server: cafe
content-length: 27596
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 17-Sep-2021 23:43:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 17 Sep 2021 23:28:59 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C6ED 9 KB
4 KB 238ms
238ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7724567992657709&output=html&adk=1812271804&adf=3025194257&lmt=1631921338&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcamstudio.org%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631921338528&bpp=1&bdt=587&idt=93&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C660x280&nras=1&correlator=965845914248&frm=20&pv=1&ga_vid=1203543753.1631921339&ga_sid=1631921339&ga_hid=163709825&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750532%2C31062094&oid=3&pvsid=2741937215992042&pem=295&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=99

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f71b33030b8dbd03fc97ddcda7b117db84863978db2add307aa9b99402a92d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7724567992657709&output=html&adk=1812271804&adf=3025194257&lmt=1631921338&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcamstudio.org%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631921338528&bpp=1&bdt=587&idt=93&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C660x280&nras=1&correlator=965845914248&frm=20&pv=1&ga_vid=1203543753.1631921339&ga_sid=1631921339&ga_hid=163709825&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750532%2C31062094&oid=3&pvsid=2741937215992042&pem=295&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=99
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://camstudio.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 17 Sep 2021 23:28:58 GMT
server: cafe
content-length: 4035
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 17-Sep-2021 23:43:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 17 Sep 2021 23:28:58 GMT
cache-control: private

GET
H2 200 9649155778213650994
tpc.googlesyndication.com/simgad/ Frame 4DA6 13 KB
13 KB 55ms
13ms Image
image/png 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9649155778213650994?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qm7328bdHAanYZzTvTt5xsP29X00Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7724567992657709&output=html&h=280&slotname=5084616630&adk=838702270&adf=1582090613&pi=t.ma~as.5084616630&w=660&fwrn=4&fwrnh=100&lmt=1631921338&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fcamstudio.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631921338525&bpp=2&bdt=584&idt=84&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=965845914248&frm=20&pv=1&ga_vid=1203543753.1631921339&ga_sid=1631921339&ga_hid=163709825&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=470&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750532%2C31062094&oid=3&pvsid=2741937215992042&pem=295&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WBRMayfsVg&p=https%3A//camstudio.org&dtd=89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

272245472765d33ef36e5ee46e932de953689b5bf00801ca95261b47d40e5563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 12:12:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 May 2021 15:11:53 GMT
server: sffe
age: 299767
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12938
x-xss-protection: 0
expires: Wed, 14 Sep 2022 12:12:52 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame 4DA6 18 KB
8 KB 54ms
12ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 22:44:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Oct 2021 22:44:28 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 4DA6 2 KB
2 KB 44ms
7ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 20:34:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Oct 2021 20:34:36 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 4DA6 67 B
196 B 44ms
7ms Image
image/png 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Sep 2021 17:58:30 GMT
x-content-type-options: nosniff
server: cafe
age: 19829
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Sat, 18 Sep 2021 17:58:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4DA6 0
0 19ms
19ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C67i3uiRFYcXgJof53gOG6Y74B7DKm5hk0L6i_6sOsJAfEAEglsSLAmDJBqABnriknQPIAQKoAwHIA8kEqgSyAU_QBRlW4CXjM_s-oNVP7XmMYE1zUg8edwdvfW-NpXSIFivY8E-Vh_dgeHXf-Y91wcBMyJh6q6Y5l32LfuAVEBpQ23vrcnhMawAi37ZfKr75yNs9xDFmTS3kYA7yFJIjd2rTagz7OVOPWx4FyZrQyUsoO4WZgXUJoBu2hD2xPvkMNuWMar38tyzb8PVemOoIAa0baMjnEDz-6hQHriPvdSQOKitydMd_IuEyy_EkDX9RBurABPfXtriwA5IFBAgEGAGSBQQIBRgEoAYCgAfKx9tiqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHBBDDj3nSCAcIgGEQARgfgAoByAsBogwIKgYKBPiesQLYEw3QFQGAFwGyFxwKGggAEhRwdWItNzcyNDU2Nzk5MjY1NzcwORgA&sigh=nYM1_ZV_CaQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7724567992657709&output=html&h=280&slotname=5084616630&adk=838702270&adf=1582090613&pi=t.ma~as.5084616630&w=660&fwrn=4&fwrnh=100&lmt=1631921338&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fcamstudio.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631921338525&bpp=2&bdt=584&idt=84&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=965845914248&frm=20&pv=1&ga_vid=1203543753.1631921339&ga_sid=1631921339&ga_hid=163709825&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=470&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750532%2C31062094&oid=3&pvsid=2741937215992042&pem=295&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WBRMayfsVg&p=https%3A//camstudio.org&dtd=89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 17 Sep 2021 23:28:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Sep 2021 23:28:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4DA6 128 KB
39 KB 47ms
27ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 23:28:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1631879102694099"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Fri, 17 Sep 2021 23:28:59 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 4DA6 14 KB
6 KB 48ms
15ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 13:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Oct 2021 13:03:38 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 4DA6 26 KB
11 KB 40ms
7ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

68c0963132a718fb55a75766463363f92c5e418d2352ca29752150df50708a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10868
x-xss-protection: 0
server: cafe
etag: 12321585598139428879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Oct 2021 08:02:41 GMT

GET
H2 200 button
a.fsdn.com/con/app/accelerator/ 7 KB
8 KB 94ms
19ms Image
image/png 104.18.15.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.fsdn.com/con/app/accelerator/button?button_size=small

Requested by

Host: camstudio.org
URL: https://camstudio.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4935d3f5d8385ef6cccca169b72e3a5fcd27dd8e690bfb522e15205f5fd1168e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 23:28:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 546017
cf-polished: origSize=11416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7330
x-ua-compatible: IE=edge,chrome=1
cf-bgj: imgq:100,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self', upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 69061d31cc60f9e2-PRG
expires: Sat, 17 Sep 2022 23:28:59 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7168 143 B
163 B 7ms
6ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7724567992657709&output=html&h=280&slotname=5084616630&adk=838702270&adf=1582090613&pi=t.ma~as.5084616630&w=660&fwrn=4&fwrnh=100&lmt=1631921338&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fcamstudio.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631921338525&bpp=2&bdt=584&idt=84&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=965845914248&frm=20&pv=1&ga_vid=1203543753.1631921339&ga_sid=1631921339&ga_hid=163709825&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=470&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750532%2C31062094&oid=3&pvsid=2741937215992042&pem=295&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WBRMayfsVg&p=https%3A//camstudio.org&dtd=89
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmWGLo5VMZz-KWuMln4nSh2rT-McnJ-faJOdN7r7cogkbRNYHpLHA2uG-GIezo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7724567992657709&output=html&h=280&slotname=5084616630&adk=838702270&adf=1582090613&pi=t.ma~as.5084616630&w=660&fwrn=4&fwrnh=100&lmt=1631921338&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fcamstudio.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631921338525&bpp=2&bdt=584&idt=84&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=965845914248&frm=20&pv=1&ga_vid=1203543753.1631921339&ga_sid=1631921339&ga_hid=163709825&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=470&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750532%2C31062094&oid=3&pvsid=2741937215992042&pem=295&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WBRMayfsVg&p=https%3A//camstudio.org&dtd=89

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 17 Sep 2021 23:00:06 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4DA6 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45608c762f65e8fd674223e2d1f1487a2b2f2a60b2fd223319c1c68e2f81e8bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 11715624240976887771
tpc.googlesyndication.com/simgad/ Frame 15F6 49 KB
49 KB 28ms
12ms Image
image/gif 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11715624240976887771

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7724567992657709&output=html&h=280&slotname=9794017839&adk=401930702&adf=2158763885&pi=t.ma~as.9794017839&w=336&lmt=1631921338&psa=0&format=336x280&url=https%3A%2F%2Fcamstudio.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631921338508&bpp=4&bdt=567&idt=77&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&correlator=965845914248&frm=20&pv=2&ga_vid=1203543753.1631921339&ga_sid=1631921339&ga_hid=163709825&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=632&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750532%2C31062094&oid=3&pvsid=2741937215992042&pem=295&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nH0PqjWTDP&p=https%3A//camstudio.org&dtd=95

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

660e213e2ac3416936141194c1a43035e49bd0a00885bed5dd6709d9cfbc819d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 14:53:56 GMT
x-content-type-options: nosniff
age: 462903
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50125
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 03:56:13 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
expires: Mon, 12 Sep 2022 14:53:56 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame 15F6 18 KB
7 KB 25ms
9ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 22:44:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Oct 2021 22:44:28 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 15F6 2 KB
1 KB 23ms
11ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 20:34:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Oct 2021 20:34:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 15F6 128 KB
39 KB 26ms
25ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 23:28:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1631879102694099"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Fri, 17 Sep 2021 23:28:59 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 15F6 14 KB
6 KB 20ms
7ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 13:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Oct 2021 13:03:38 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 15F6 26 KB
11 KB 19ms
7ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

68c0963132a718fb55a75766463363f92c5e418d2352ca29752150df50708a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10868
x-xss-protection: 0
server: cafe
etag: 12321585598139428879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Oct 2021 08:02:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 15F6 0
0 20ms
20ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrQavuiRFYcHbJoWArATI2a-ACdbbzJdluOH1lpIOsJAfEAEglsSLAmDJBqAB_8jhqwLIAQOoAwHIA8kEqgSrAU_QAParEc8WjOfOriQcHaUwShLNLdwTMv1OWlNNmmgh60g7c5xvf_V6i-W2BSVs4rJ4rnsrYrOaA8H11_8YBGAKTrnYZfp5byuwUE4h6GnBYEKQdukch6hq7bR6FIAye2U0U5c6H9PpkM6Avbf9WhmQqLo2VT11CHo5KITcbKKjSXwPyke0fspgKp43g7bcP-boipYY3vzgm4Cr0vql-C5HJbMzpBXYW4QBTMAE8beC-6cDkgUECAQYAZIFBAgFGASgBgOAB-m2ntQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHBRDWo8EB0ggHCIBhEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03NzI0NTY3OTkyNjU3NzA5GAA&sigh=ZF36Rj3Slr4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7724567992657709&output=html&h=280&slotname=9794017839&adk=401930702&adf=2158763885&pi=t.ma~as.9794017839&w=336&lmt=1631921338&psa=0&format=336x280&url=https%3A%2F%2Fcamstudio.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631921338508&bpp=4&bdt=567&idt=77&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&correlator=965845914248&frm=20&pv=2&ga_vid=1203543753.1631921339&ga_sid=1631921339&ga_hid=163709825&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=632&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750532%2C31062094&oid=3&pvsid=2741937215992042&pem=295&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nH0PqjWTDP&p=https%3A//camstudio.org&dtd=95
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 17 Sep 2021 23:28:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7168
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

15ms
15ms

Document
text/html

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmWGLo5VMZz-KWuMln4nSh2rT-McnJ-faJOdN7r7cogkbRNYHpLHA2uG-GIezo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 17 Sep 2021 23:28:59 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 18-Sep-2021 00:28:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 17 Sep 2021 23:28:59 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 17 Sep 2021 23:28:59 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js Show response
pagead2.googlesyndication.com/bg/ Frame C4AC 35 KB
13 KB 10ms
9ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

62a494a9923421175b500cb5eb72092a71b0fa110c494d4ca6c23c89a9036ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 16:15:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13243
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 17 Sep 2022 16:15:50 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 414E 143 B
163 B 7ms
6ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7724567992657709&output=html&h=280&slotname=9794017839&adk=401930702&adf=2158763885&pi=t.ma~as.9794017839&w=336&lmt=1631921338&psa=0&format=336x280&url=https%3A%2F%2Fcamstudio.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631921338508&bpp=4&bdt=567&idt=77&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&correlator=965845914248&frm=20&pv=2&ga_vid=1203543753.1631921339&ga_sid=1631921339&ga_hid=163709825&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=632&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750532%2C31062094&oid=3&pvsid=2741937215992042&pem=295&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nH0PqjWTDP&p=https%3A//camstudio.org&dtd=95
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmWGLo5VMZz-KWuMln4nSh2rT-McnJ-faJOdN7r7cogkbRNYHpLHA2uG-GIezo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7724567992657709&output=html&h=280&slotname=9794017839&adk=401930702&adf=2158763885&pi=t.ma~as.9794017839&w=336&lmt=1631921338&psa=0&format=336x280&url=https%3A%2F%2Fcamstudio.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631921338508&bpp=4&bdt=567&idt=77&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&correlator=965845914248&frm=20&pv=2&ga_vid=1203543753.1631921339&ga_sid=1631921339&ga_hid=163709825&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=632&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750532%2C31062094&oid=3&pvsid=2741937215992042&pem=295&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nH0PqjWTDP&p=https%3A//camstudio.org&dtd=95

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 17 Sep 2021 23:00:06 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 15F6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 649adcf9e16210aa44525c70ec9f0269847758b341658c7c0a33d180ae9dfeab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 48ms
27ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210915&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a9732ca58ed1e3bc9393b8a00198750fa824ad06db54ad6da6475d015299c18a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Sep 2021 23:28:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8505
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 414E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

16ms
15ms

Document
text/html

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmWGLo5VMZz-KWuMln4nSh2rT-McnJ-faJOdN7r7cogkbRNYHpLHA2uG-GIezo; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 17 Sep 2021 23:28:59 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 18-Sep-2021 00:28:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 17 Sep 2021 23:28:59 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 17 Sep 2021 23:28:59 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js Show response
pagead2.googlesyndication.com/bg/ Frame 32EE 35 KB
13 KB 9ms
8ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

62a494a9923421175b500cb5eb72092a71b0fa110c494d4ca6c23c89a9036ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 16:15:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13243
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 17 Sep 2022 16:15:50 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 334ms
333ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 23:28:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 17 Sep 2021 23:28:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2B05 12 KB
5 KB 7ms
6ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://camstudio.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 17 Sep 2021 16:46:43 GMT
expires: Sat, 17 Sep 2022 16:46:43 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 24136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DA13 783 B
537 B 18ms
18ms Document
text/html 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

GSE /

Resource Hash

b56159e57b979a8ababed6e53d4f859c90bcd13c8c69177da6b138ea4e548b0b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OHPnUVf6NOKSQD5OVVAWXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://camstudio.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 17 Sep 2021 23:28:59 GMT
date: Fri, 17 Sep 2021 23:28:59 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-OHPnUVf6NOKSQD5OVVAWXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B05 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

62a494a9923421175b500cb5eb72092a71b0fa110c494d4ca6c23c89a9036ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 16:15:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13243
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 17 Sep 2022 16:15:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DA13 0
0 26ms
25ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210915&jk=2741937215992042&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 28ms
28ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210915&jk=2741937215992042&bg=!jY6ljsrNAAaUnz4elJ87ACkAdvg8WvLsPBIipVJBG2MmbJ8Hf-Eo5xywVB9YbKUIqSbQJeNwB5vCpgIAAACKUgAAAAxoAQcKADRSSGeUwmDqkudbNADCGUNbOQ4gh6JbjVj-JeDsz-Kmj52_jGV2y9kVT44UhO_cJOvZUsJumQJ1L-2R547g_hbX4sSTM3_zaNZStMAiX2yhhtyiVoBoyvZz2Tr1bCfaOkzaVevmIOBJwrTWBWaa6OD79N6fqdjdt5OJTMgXoLbLLjnvitDltPXIhtCu4tHk1S2fmm3svhXKW86gDebUh-oMEXqWIgbIATPic6wUSrivJS0GMKCaDt_tYd1b1D2UjVUv8Soz5GjxHhZ_66pWMDw88BqEyqOsh3f5KNrPKt5qxwPdd6vNGzUdPfKxJ841iRkjEZJTLi7O4oxL4Ro9tFrDmHBppK1lvUlCv5B62xvEg6EGZIAN2feLVoTJIiVDm1auf9TYue0hqoq7iH49cDYaQMPCIvLezmr3Fl7ql0VEG-FvEQ-LHR3_Pq1JUao3NhPgdziBQWvm8j9O_lC3GPOH8WUZVO9ExEX-L_8g2H8v4zClDf-nqsjS9HsCww33iCye1W4CnjcJb7D7s9d-CnlQdQpKm54Y4NKGODOB7eZWTR_yAu9pD7Y0npMFz-IXEu1CJTqXhWNHLybtw99e0jteWsAsiW9A-ofTtfvNgOCo6ApxhJVfCc_Om9YdIMJdqbkvdBBwfMVWvkRaCOn8rkt_A5T1AbL3zhU8brUzewdtycZ9yBPOb-1grQUvswS_o3DSjavr-bmRnop_NtD06gUmqJcrcN6Yvirq_j5Kxvr5m2PWijjNxMeY94MvHjE3aSbyNf2_IeLnTdXJ8SzOSOGB0D0G3aURzkAJYSPRvPj3HZMxMKMIqeB1bO_-IGEXx0zm5ltO_p7bYjyemUV6iY96XYl7WssCaT8ifyiMEYwPcI4Ra4Xs64_LCMf3_nNT3R9NLAgtTSWkjTnZNcM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://camstudio.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 15F6 42 B
64 B 26ms
24ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstllG3YuphdjYAtUoBWvHWEAL2grwaNx8HHy4q8fXXkwwZtbMFJ3TkdFO3CXZnt0NeJk8q1YXY9jd-UK6W4SJRylbQNa9io_WCcYrP_fFh_Uv88cAc&sai=AMfl-YTnRbMqi_mx5YtNJtLpI6aNarOytkg0pSCy79W6mkzXLgIYYoQt-Gwq7mEO-IJHGsi61X_BKGWQ5sWJ&sig=Cg0ArKJSzCR42y8EqO__EAE&id=lidar2&mcvt=1000&p=176,632,456,968&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210917&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=401930702&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631921338605&rpt=760&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 23:29:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.camstudio.org/	1970-01-20 14:49:53	Name: _ga Value: GA1.2.1203543753.1631921339
.camstudio.org/	1970-01-19 21:20:07	Name: _gid Value: GA1.2.235079592.1631921339
.camstudio.org/	1970-01-19 21:18:41	Name: _gat Value: 1
.camstudio.org/	1970-01-20 06:40:17	Name: __gads Value: ID=e02e41b9cbfe24df-22724f7d36c900a6:T=1631921338:RT=1631921338:S=ALNI_MbSJ6OxJd40B2YoPLZ1hGOpK15Otw
.doubleclick.net/	1970-01-20 14:49:53	Name: IDE Value: AHWqTUmWGLo5VMZz-KWuMln4nSh2rT-McnJ-faJOdN7r7cogkbRNYHpLHA2uG-GIezo
.doubleclick.net/	1970-01-19 21:18:42	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-19 21:18:44	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s3.amazonaws.com/cc.silktide.com/cookieconsent.latest.min.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.fsdn.com
adservice.google.com
camstudio.org
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s3.amazonaws.com
sourceforge.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.honesteonline.com
104.18.15.218
142.250.181.226
142.250.185.142
142.250.185.196
142.250.185.225
142.250.185.226
142.250.186.98
142.250.74.194
172.217.19.98
172.67.80.85
204.68.111.105
209.59.174.236
52.217.1.166
0f113e269bfeb565ededb6da231ce905e93562b96de4490107fab6f0bf793440
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
181677484bc9e9f343a9e3de02a8c7bdbb259344d76f55e2353e5f1cf77d9ab7
221b2b97d2e26770903a874cd9607aa1e40e93495651de12dc000d1543f86993
24d026371427b41d6d168c5d4c18de465b026afc3907c86c8f3b3bc31bd87467
272245472765d33ef36e5ee46e932de953689b5bf00801ca95261b47d40e5563
30fdb119b05e2b0d16c06514793054eedb982d72417f5005ebd5868baf7c347e
45608c762f65e8fd674223e2d1f1487a2b2f2a60b2fd223319c1c68e2f81e8bd
4935d3f5d8385ef6cccca169b72e3a5fcd27dd8e690bfb522e15205f5fd1168e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
62a494a9923421175b500cb5eb72092a71b0fa110c494d4ca6c23c89a9036ce7
649adcf9e16210aa44525c70ec9f0269847758b341658c7c0a33d180ae9dfeab
65c1eec102260e467d296000961af50506eb13f48ce17da647df8da6d2eb6c35
660e213e2ac3416936141194c1a43035e49bd0a00885bed5dd6709d9cfbc819d
68c0963132a718fb55a75766463363f92c5e418d2352ca29752150df50708a29
697bfa7d90c984ab7f5493f3d094a92bf1852604b3dd8c0fe8146dba08ef8526
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a9732ca58ed1e3bc9393b8a00198750fa824ad06db54ad6da6475d015299c18a
b267e778ba84b6f53cf8c9edc25f381d2830f0bdb56a72a448dff55d739484bd
b56159e57b979a8ababed6e53d4f859c90bcd13c8c69177da6b138ea4e548b0b
b6d82653fbde6f16823a03da776f0aae75045a81eabd174480f637a76cd65b15
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b8d9c998da641c7f42f42f1ea114611ff63a29de69367b2ea75c0c5efd565d7e
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3
e02f265a1e48c90891bf069c8ce4646c08c8ac6ce28da5340719c3f667b51c30
e3af96e1fe4a3c86e9571bb471accd1a669d51e0e737dd64d483a6491f37b286
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f71b33030b8dbd03fc97ddcda7b117db84863978db2add307aa9b99402a92d1d
f9dd6325e2e59cdea34acd62afc7744abf016fbd396cba7dfd1dfa5d0b691f53
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff0eed92ebc735e43eb75297b103c198eb4804b164c02311dcb198fbd9179970

camstudio.org Open in urlscan Pro 209.59.174.236 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

0 %IPv6

11 Domains

13 Subdomains

14 IPs

2 Countries

573 kBTransfer

1340 kBSize

7 Cookies

4 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

camstudio.org Open in urlscan Pro
209.59.174.236 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

14
IPs

2
Countries

573 kB
Transfer

1340 kB
Size

7
Cookies

50 HTTP transactions
2 data transactions