cxsecurity.com Open in urlscan Pro
51.222.29.70 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv1B3lGmQV1-WJV7CgX00W91TJYF8fh63RW2SrDxm2zlM5PW...
Effective URL:
https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKw...
Submission: On June 20 via api (June 20th 2021, 12:37:56 am UTC) from SG

Summary HTTP 83 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 15 domains to perform 83 HTTP transactions. The main IP is 51.222.29.70, located in Canada and belongs to OVH, FR. The main domain is cxsecurity.com.
TLS certificate: Issued by R3 on May 23rd 2021. Valid for: 3 months.

This is the only time cxsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	51.222.29.70 51.222.29.70	16276 (OVH) (OVH)
7	2606:4700:303... 2606:4700:3031::6815:1ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
8	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
17	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
83	20

2 2606:2c40::c73c:67fe (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.222.29.70 (Canada)

ASN16276 (OVH, FR)
PTR: vps-22903265.vps.ovh.ca

cxsecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3031::6815:1ef3 (United States)

ASN13335 (CLOUDFLARENET, US)

cert.cx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	308 KB
10	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	55 KB
10	google.com 1 redirects www.google.com adservice.google.com	45 KB
9	gstatic.com www.gstatic.com	764 KB
7	cert.cx cert.cx	578 KB
6	twitter.com platform.twitter.com syndication.twitter.com	148 KB
4	facebook.com www.facebook.com	149 KB
3	cxsecurity.com cxsecurity.com	8 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	facebook.net connect.facebook.net	75 KB
2	recordedfuture.com 1 redirects go.recordedfuture.com	4 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	659 B
1	cloudflare.com cdnjs.cloudflare.com	3 KB
1	googleapis.com ajax.googleapis.com	58 KB
83	15

	Domain	Requested by
17	tpc.googlesyndication.com	go.recordedfuture.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
9	www.gstatic.com	www.google.com
9	pagead2.googlesyndication.com	cxsecurity.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	www.google.com	1 redirects cxsecurity.com www.gstatic.com tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com go.recordedfuture.com googleads.g.doubleclick.net www.googletagservices.com
7	cert.cx	cxsecurity.com cert.cx
4	www.facebook.com	connect.facebook.net www.facebook.com
4	platform.twitter.com	cxsecurity.com platform.twitter.com
3	cxsecurity.com	go.recordedfuture.com cxsecurity.com ajax.googleapis.com
2	syndication.twitter.com	platform.twitter.com cxsecurity.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	connect.facebook.net	cxsecurity.com connect.facebook.net
2	stats.g.doubleclick.net	cxsecurity.com
2	go.recordedfuture.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdnjs.cloudflare.com	cxsecurity.com
1	ajax.googleapis.com	cxsecurity.com
83	19

This site contains links to these domains. Also see Links.

Domain
cifrex.org
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
go.recordedfuture.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
cxsecurity.com R3	`2021-05-23` - `2021-08-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=134933880&utm_source=hs_email
Frame ID: 9B7225D1BA97D70EA34CFB2853FF1998
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/zrt_lookup.html
Frame ID: FE90F3D21EFBA6CFBD72A73F3858938C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&co=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbTo0NDM.&hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&theme=dark&size=normal&cb=ucm0x585pxsr
Frame ID: 81E40F2A37E91D84D00CF1FD69C2DE10
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&co=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbTo0NDM.&hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&theme=dark&size=normal&cb=lj31e9lv4m09
Frame ID: 33D05853F9158466FCAF7ED51FCCFE52
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fcxsecurity.com
Frame ID: 03812E34FD820F5708C00C5B8CA1A117
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5074670963595353&output=html&h=280&slotname=9692700437&adk=3005825735&adf=3607514210&pi=t.ma~as.9692700437&w=798&fwrn=4&fwrnh=100&lmt=1624149445&rafmt=1&psa=0&format=798x280&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ%26utm_content%3D134933880%26utm_source%3Dhs_email&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624149445082&bpp=21&bdt=251&idt=157&shv=r20210616&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&correlator=3816570573693&frm=20&pv=2&ga_vid=597144223.1624149445&ga_sid=1624149445&ga_hid=466370129&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=401&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060975&oid=3&pvsid=3984331899861262&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xFKo6dn2vm&p=https%3A//cxsecurity.com&dtd=178
Frame ID: C82FAC649E04AF0430AA636C71E4E404
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5074670963595353&output=html&h=280&slotname=6599633238&adk=1033137904&adf=3594544816&pi=t.ma~as.6599633238&w=1043&fwrn=4&fwrnh=100&lmt=1624149445&rafmt=1&psa=0&format=1043x280&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ%26utm_content%3D134933880%26utm_source%3Dhs_email&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624149445103&bpp=2&bdt=272&idt=171&shv=r20210616&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=798x280&correlator=3816570573693&frm=20&pv=1&ga_vid=597144223.1624149445&ga_sid=1624149445&ga_hid=466370129&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=279&ady=1772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060975&oid=3&pvsid=3984331899861262&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ANAhihzsCw&p=https%3A//cxsecurity.com&dtd=175
Frame ID: 2B6304A100BBECDF19058E38A0634DB0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5074670963595353&output=html&adk=1812271804&adf=3025194257&lmt=1624149445&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ%26utm_content%3D134933880%26utm_source%3Dhs_email&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624149445177&bpp=1&bdt=346&idt=107&shv=r20210616&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=798x280%2C1043x280&nras=1&correlator=3816570573693&frm=20&pv=1&ga_vid=597144223.1624149445&ga_sid=1624149445&ga_hid=466370129&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060975&oid=3&pvsid=3984331899861262&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=111
Frame ID: E78ED3672FF99D38A9BF9D189B5AA7CB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&cb=62nus2qicjjh
Frame ID: 03675816CDE9EC1982C8CF727011C5F6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&cb=x8nho6ev4wv
Frame ID: D046498879CA40B5E812182D7CEB9797
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.en.html
Frame ID: 86A9C4C6EE12A670BC8368A8CF7081B7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/index.html
Frame ID: 069C5DF9F3404E293A29E983C717D826
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CXxfjxY3OYNnZEefO7_UPib6e-AyKnZ2sY4Pt-YT1DfvV9P0IEAEguuTnG2CViriCyAegAdmLpdwByAEJqQLiB2L-duezPqgDAcgDSKoE2wJP0GtLS1slHdiRGoRAMxJ9scldHu9Hjrm72JgfdsUQ5aDHuIXowejG7fRDviM2Bjimb7k81JksUu1D_I3ReRKj-iljELdMVGwyhRCWB3cjTf1A0GlYLlQ1Oymj5nViKhd1aBDXLDN0DaKDpPM16z_52UoY5urh4yPVUKlBocTWRGGbVWJMMzTGssr0J8UXEJo5dGDRTLIblUj_iLKEGJ0TGz33DXWz1g24JokLaortzmLUP9qK2VPb1CDbl9ZrceiufBePqNt85SlEOfuChpw1K9xqsSdIlC-YmLFyf9-vekNq99YWkgi5jSHErZ1ygzegliynHewKGDXGXWB5GPrdRuYHdonygDxpNushXDXSgk6p_qTQFkP7I_qkD7Snfk522uQqq0Sw6Q9kpp5FJOuo1nabYlHZuHrCdj9ph0tK9txbtVPSs1AFtwXJ9qVmUxUhjFJuHtN1guNlu8AErKbZ7-wDoAYugAeP9NqjAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCsqVfSCAkIgOGAEBABGB-ACgHICwHYEwPQFQGAFwGyFxoKGAgAEhRwdWItNTA3NDY3MDk2MzU5NTM1Mw&sigh=G5M_QZfyQYE&template_id=419
Frame ID: CFBAC3F26BC998F8B569F8AE285A5BC9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 8CD90F61C4BDCACCDDEBCE45C160C82F
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8597cc0db07d8%26domain%3Dcxsecurity.com%26origin%3Dhttps%253A%252F%252Fcxsecurity.com%252Ff391b9a0e7c6968%26relation%3Dparent.parent&container_width=243&href=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113&layout=button&locale=pl_PL&sdk=joey&share=false&show_faces=false&width=50
Frame ID: 24945FF6D28BA81269818767E9C5EB7E
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 2C5D794F5B3D088C5F9DA0B537CBDE13
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 03BEDD9C42F9A18076D0F6D0BF9479CF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv1B3lGmQV1-WJV7CgX00W91TJYF... Page URL
https://go.recordedfuture.com/events/public/v1/track/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv1B3lGmQ... HTTP 307
https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPs... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

83
Requests

100 %
HTTPS

84 %
IPv6

15
Domains

19
Subdomains

20
IPs

4
Countries

2260 kB
Transfer

5271 kB
Size

10
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://cifrex.org/
Title: cIFrex

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cxsec
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/cxsecurity
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv1B3lGmQV1-WJV7CgX00W91TJYF8fh63RW2SrDxm2zlM5PW6_WLrP62XflwW4kwNBt2brx5RW5H7bPc68VZ5jW1g5P7Y5d766RW3ZlpQq5jrF5MVhrB6x5j0jvSW3hMktG5HqkzJW51Vg0S8g2xRcW4Q0Lr06NVq3WW7hGWdK4px5f4W7mLQ1l4jsb4dW7-ZCNm3FxVryN32X4TH2tPyNW2cHXdx7tR6_-W8lgK2j36PrMKW8XS0Lp6Hc7fjW2ydHzC8SW-XbW6nCbfg4bcfkXW17sPwd4fStZPW8CP2jg19c2BS3pfR1 Page URL
https://go.recordedfuture.com/events/public/v1/track/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv1B3lGmQV1-WJV7CgX00W91TJYF8fh63RW2SrDxm2zlM5PW6_WLrP62XflwW4kwNBt2brx5RW5H7bPc68VZ5jW1g5P7Y5d766RW3ZlpQq5jrF5MVhrB6x5j0jvSW3hMktG5HqkzJW51Vg0S8g2xRcW4Q0Lr06NVq3WW7hGWdK4px5f4W7mLQ1l4jsb4dW7-ZCNm3FxVryN32X4TH2tPyNW2cHXdx7tR6_-W8lgK2j36PrMKW8XS0Lp6Hc7fjW2ydHzC8SW-XbW6nCbfg4bcfkXW17sPwd4fStZPW8CP2jg19c2BS3pfR1?_ud=f2333777-29c4-494f-b52d-5c89008f1e4c&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=134933880&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

83 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv1B3lGmQV1-WJV7CgX00W91TJYF8fh63RW2SrDxm2zlM5PW6_WLrP62XflwW4kwNBt2brx5RW5H7bPc68VZ5jW1g5P7Y5d766RW3ZlpQq5jrF5MVhrB6x5j0jvSW3hMktG5HqkzJW51Vg0S8g2xRcW4Q0Lr... Show response
go.recordedfuture.com/e2t/tc/ 9 KB
3 KB 96ms
76ms Document
text/html 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv1B3lGmQV1-WJV7CgX00W91TJYF8fh63RW2SrDxm2zlM5PW6_WLrP62XflwW4kwNBt2brx5RW5H7bPc68VZ5jW1g5P7Y5d766RW3ZlpQq5jrF5MVhrB6x5j0jvSW3hMktG5HqkzJW51Vg0S8g2xRcW4Q0Lr06NVq3WW7hGWdK4px5f4W7mLQ1l4jsb4dW7-ZCNm3FxVryN32X4TH2tPyNW2cHXdx7tR6_-W8lgK2j36PrMKW8XS0Lp6Hc7fjW2ydHzC8SW-XbW6nCbfg4bcfkXW17sPwd4fStZPW8CP2jg19c2BS3pfR1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9679d12aa573533d4e8f41adb7e47b1a036c8075aab39cd1ce7c886a7b0b3eb

Request headers

:method: GET
:authority: go.recordedfuture.com
:scheme: https
:path: /e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv1B3lGmQV1-WJV7CgX00W91TJYF8fh63RW2SrDxm2zlM5PW6_WLrP62XflwW4kwNBt2brx5RW5H7bPc68VZ5jW1g5P7Y5d766RW3ZlpQq5jrF5MVhrB6x5j0jvSW3hMktG5HqkzJW51Vg0S8g2xRcW4Q0Lr06NVq3WW7hGWdK4px5f4W7mLQ1l4jsb4dW7-ZCNm3FxVryN32X4TH2tPyNW2cHXdx7tR6_-W8lgK2j36PrMKW8XS0Lp6Hc7fjW2ydHzC8SW-XbW6nCbfg4bcfkXW17sPwd4fStZPW8CP2jg19c2BS3pfR1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:23 GMT
content-type: text/html;charset=utf-8
cf-ray: 6620eda88a2ed729-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0ac872dd570000d72985056000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: f892f278-bcbc-4d56-a3b5-1028132a95c5
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HPQA54N1MvQvk988tZClHPkSO0%2FdX0lJsyC19mLygmLEjtV5yr2r4jdApJaxaN69CBy15vkkWPqcdre2qjscitbi4UnRBwzJS408hHbUc75tVit%2ByIeSN8rIj0KqvdMEYbRuuAQcuk5LmBl6ACU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=784ed3b6cc5f5d7ce3386d7875d80e7b0bf85578-1624149443; path=/; domain=.go.recordedfuture.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

GET
H/1.1

200
OK

Primary Request

Cookie set WLB-2021060113 Show response
cxsecurity.com/issue/
Redirect Chain

https://go.recordedfuture.com/events/public/v1/track/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv1B3lGmQV1-WJV7CgX00W91TJYF8fh63RW2SrDxm2zlM5PW6_WLrP62XflwW4kwNBt2brx5RW5H7bPc68VZ5jW1g5P7Y5d766RW...
https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=...

17 KB
5 KB

647ms
430ms

Document
text/html

51.222.29.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=134933880&utm_source=hs_email
Requested by: Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv1B3lGmQV1-WJV7CgX00W91TJYF8fh63RW2SrDxm2zlM5PW6_WLrP62XflwW4kwNBt2brx5RW5H7bPc68VZ5jW1g5P7Y5d766RW3ZlpQq5jrF5MVhrB6x5j0jvSW3hMktG5HqkzJW51Vg0S8g2xRcW4Q0Lr06NVq3WW7hGWdK4px5f4W7mLQ1l4jsb4dW7-ZCNm3FxVryN32X4TH2tPyNW2cHXdx7tR6_-W8lgK2j36PrMKW8XS0Lp6Hc7fjW2ydHzC8SW-XbW6nCbfg4bcfkXW17sPwd4fStZPW8CP2jg19c2BS3pfR1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.222.29.70 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps-22903265.vps.ovh.ca
Software: Apache /
Resource Hash: d28c9971cca0f0745d490dd7413bb2717f884ddba532aa179ebdfb9a6129569c

Request headers

Host: cxsecurity.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv1B3lGmQV1-WJV7CgX00W91TJYF8fh63RW2SrDxm2zlM5PW6_WLrP62XflwW4kwNBt2brx5RW5H7bPc68VZ5jW1g5P7Y5d766RW3ZlpQq5jrF5MVhrB6x5j0jvSW3hMktG5HqkzJW51Vg0S8g2xRcW4Q0Lr06NVq3WW7hGWdK4px5f4W7mLQ1l4jsb4dW7-ZCNm3FxVryN32X4TH2tPyNW2cHXdx7tR6_-W8lgK2j36PrMKW8XS0Lp6Hc7fjW2ydHzC8SW-XbW6nCbfg4bcfkXW17sPwd4fStZPW8CP2jg19c2BS3pfR1

Response headers

Date: Sun, 20 Jun 2021 00:37:24 GMT
Server: Apache
Set-Cookie: cxlang=en; expires=Mon, 20-Jun-2022 00:37:24 GMT; Max-Age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5288
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

date: Sun, 20 Jun 2021 00:37:24 GMT
location: https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=134933880&utm_source=hs_email
cf-ray: 6620eda91a98d729-FRA
link: <https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=134933880&utm_source=hs_email>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0ac872ddad0000d7298d06c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: ee4c4b2b-0528-401f-83aa-0d95083e76b3
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Yb%2BrLeieuoVb3vWRORsk2RWc8KCxdYTv4apO0yXxzjijS9zGXTWhweBioTZeN9fYVOgbKxrUPr7Y6gMpuwQ0u%2F%2FOIG%2BDb187HkXhCB0pd3s1pRURQtaZjRxmGrdmhrq0NgTKSws7sFd6BPr6ES4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 m-jq.js Show response
cert.cx/cxstatic/js/ 128 KB
40 KB 68ms
23ms Script
application/javascript 2606:4700:3031::6815:1ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cert.cx/cxstatic/js/m-jq.js?T
Requested by: Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3711126bd3b4b00e10bee8c1b9059f8e42604916f1db51fcc1f0d193335d8a8c

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2556
cf-polished: origSize=131091
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac872e11200004a8b04032000000001
last-modified: Sun, 26 Nov 2017 14:47:32 GMT
server: cloudflare
etag: W/"20013-55ee3dd9a0900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=h4h5eK1tpw74wn1tP6LDLixJ%2FiuW2Vj2TpSSE7KXc81v1tyE2jjScsNoHVXfUSVcEU%2FZ4Uwb1Ing%2F8yWKVYrF0jTAGGijMt4GleK8lVKpZvYvMUVT5f%2BdinQHfSX%2BoU%2F6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 6620edae880a4a8b-FRA
cf-bgj: minify

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.6.4/ 163 KB
58 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.6.4/angular.min.js

Requested by

Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=134933880&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c50aa8567731858e81bcfd2027718d9a7c8fd7bf54cf496499adbf5da5741b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 07:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58814
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 07:55:17 GMT

GET
H2 200 m.js Show response
cert.cx/cxstatic/js/ 64 KB
17 KB 60ms
16ms Script
application/javascript 2606:4700:3031::6815:1ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cert.cx/cxstatic/js/m.js?V
Requested by: Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca17ac3996c50c96ebcc1beb008e613330636c60509021288c8d673dc6f66c00

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2556
cf-polished: origSize=65718
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac872e11200004a8b02acc000000001
last-modified: Sun, 26 Nov 2017 14:47:36 GMT
server: cloudflare
etag: W/"100b6-55ee3ddd71200-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=t4c6PiGXJnnMnQ42vNJQL1QIzd4tmGS2tyzezZ4XqiJ1Cpv9H5INQfmaLnklgPCBv6rkS5KZAgxVFqBPDVfMjfUaOAHYmxhED1hnVRm86iMMQL9KCxcSUSxUwXYyjapQLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 6620edae880b4a8b-FRA
cf-bgj: minify

GET
H2 200 b.css
cert.cx/cxstatic/css/ 117 KB
18 KB 61ms
17ms Stylesheet
text/css 2606:4700:3031::6815:1ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cert.cx/cxstatic/css/b.css?G
Requested by: Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a96d85055e7314b1c3287615f2670d5d7e994682ac22249d9b65856786aea959

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5147
cf-polished: origSize=120147
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac872e11100004a8bea09f000000001
last-modified: Fri, 30 Mar 2018 06:43:50 GMT
server: cloudflare
etag: W/"1d553-5689b9013f580-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IT51WVh%2BkFsKiSdEPL4HZ8ZXeJDZKULDsrOxM5oOpZvRjQYKRVKPfh0yv0lEOlp%2BUura9iuWUTspB7W%2Fe%2Fvhc0JZ1wtd1b6n4zpMDEwVT48vMGfzPyLIuGd%2F3a8TdoN6LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 6620edae88094a8b-FRA
cf-bgj: minify

GET
H3-29 200 cxseci.png
cert.cx/cxstatic/images/12018/ 8 KB
8 KB 25ms
13ms Image
image/png 2606:4700:3031::6815:1ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cert.cx/cxstatic/images/12018/cxseci.png
Requested by: Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=134933880&utm_source=hs_email
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2df1d036c1b10f1a28b59c5eaf728987a894fb6474141f0a3aa2bf16dc0cad0b

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:24 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5147
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8033
cf-request-id: 0ac872e15500004e26cd019000000001
last-modified: Sat, 06 Jan 2018 21:29:59 GMT
server: cloudflare
etag: "1f61-56222445e63c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4tKuwlU%2BR0fBIIGTw%2Bs0otXrO9zmeugBE0BBWwTmQWO%2F3euxJp2HWG2EqWK3GkEPBHyfpzysnPeRF%2Btu%2FRlb3Jkay5szpV8bWmL%2F36f8hLttVLJ0to0J2w53UFSHSeBrug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6620edaeead44e26-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 910 B
674 B 16ms
14ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5d7a430e6906942677cddc2a55bb752dcf86282d1041fc1f7a3195baabf61450

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582
x-xss-protection: 1; mode=block
expires: Sun, 20 Jun 2021 00:37:24 GMT

GET
H2 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-sanitize/1.6.6/ 6 KB
3 KB 12ms
12ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-sanitize/1.6.6/angular-sanitize.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdf24f810daad6c8133158e57d1fadc664f11090b5952f39deb4800a990df236

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5069126
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3025
cf-request-id: 0ac872e128000005b36c056000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d23-19c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nSOtiF2R9BSbvAti1kYPk6rXYxw%2FsckO9MGa0gSCiQ4ThjkaGTW6H%2BSgHWUnmWVg66w%2Bq7dKm%2FETSVfBDuTTMwGlXGFijUvBjetGOJQt9GqbHFt9%2F2bvBvKuaEQWWS%2Bn2R1D%2FM3oCYpYW4ReEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6620edaeadbf05b3-FRA
expires: Fri, 10 Jun 2022 00:37:24 GMT

GET
H/1.1 200
OK show.js Show response
cxsecurity.com/js/ 5 KB
2 KB 108ms
108ms Script
application/javascript 51.222.29.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cxsecurity.com/js/show.js
Requested by: Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=134933880&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.222.29.70 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps-22903265.vps.ovh.ca
Software: Apache /
Resource Hash: 128dd16963271415d32ab36c861133e3b44dcc8a702edae2b0ad2da8cbb75374

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cxsecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=134933880&utm_source=hs_email
Connection: keep-alive
Referer: https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 00:37:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 Nov 2017 14:47:38 GMT
Server: Apache
ETag: "14bb-55ee3ddf59680-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1606

GET
H3-29 200 us.png
cert.cx/cxstatic/images/flags/ 2 KB
3 KB 26ms
14ms Image
image/png 2606:4700:3031::6815:1ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cert.cx/cxstatic/images/flags/us.png
Requested by: Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=134933880&utm_source=hs_email
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 005c8375edeec5cace8b6d6102125831dfd1c358f69e9fa5d34f3f60dca03774

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:24 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4321
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2400
cf-request-id: 0ac872e15500004e26eb0e1000000001
last-modified: Sun, 26 Nov 2017 14:55:26 GMT
server: cloudflare
etag: "960-55ee3f9dab380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=olUFjtKUXLY696Q3X%2F6bTEVLl9HML7XiEL4Cl7Vj7NN6q32dkNuu%2BzRlCQgl2nmtyqsXwqGId3vcIWIj1KED0PXbUsiNiT7QH0Ri3q%2FdVsKwLWXYjmtmIkUCLmtfNU3KvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6620edaeead74e26-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 45ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f5570d3ac9500e47b14b19243daae31f762717751e817db4563f0955671946c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48540
x-xss-protection: 0
server: cafe
etag: 15108237311505024772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 20 Jun 2021 00:37:24 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 15ms
14ms Script
text/javascript 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 53
date: Sun, 20 Jun 2021 00:36:31 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17093
expires: Sun, 20 Jun 2021 02:36:31 GMT

GET
H3-29 200 bg13.jpg
cert.cx/cxstatic/images/w/ 472 KB
473 KB 45ms
35ms Image
image/jpeg 2606:4700:3031::6815:1ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cert.cx/cxstatic/images/w/bg13.jpg?2
Requested by: Host: cert.cx
URL: https://cert.cx/cxstatic/css/b.css?G
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23bfdf0c8d7d30a10f284f4a1ae80f9daf5e96948bf3f0b59e55951f0724e59b

Request headers

Referer: https://cert.cx/cxstatic/css/b.css?G
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:24 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5147
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 483480
cf-request-id: 0ac872e15400004e261ebd7000000001
last-modified: Sun, 26 Nov 2017 14:58:07 GMT
server: cloudflare
etag: "76098-55ee403735dc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=X85sgo4uPG%2FwnUom8XWxbdlvXHz8NS7VwFxXvMCMNR0k%2Bu%2BV5pvO57d7%2FrEyfMgOFZqTGPN8jOcAhXKOsuZ%2FtPAqpvfzfpqjTBkasgkOnUVZrA6Iknz22XSo2I0YDmE0lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6620edaeead34e26-FRA

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/ 341 KB
133 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ab6a25b3bfe17a0705d5017781df867ba5ccb3238943115697016ffd35e19e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cxsecurity.com
Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 21:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135774
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 23:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 21:30:33 GMT

GET
H3-29 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
55 B 18ms
16ms Image
image/gif 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1645326435&utmhn=cxsecurity.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Trojan-Dropper.Win32.Googite.b%20%2F%20Unauthenticated%20Remote%20Command%20Execution%20-%20CXSecurity.com&utmhid=466370129&utmr=-&utmp=%2Fissue%2FWLB-2021060113%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ%26utm_content%3D134933880%26utm_source%3Dhs_email&utmht=1624149444971&utmac=UA-39628967-1&utmcc=__utma%3D178048631.597144223.1624149445.1624149445.1624149445.1%3B%2B__utmz%3D178048631.1624149445.1.1.utmcsr%3Dhs_email%7Cutmccn%3D(not%2520set)%7Cutmcmd%3Demail%7Cutmcct%3D134933880%3B&utmjid=1208587498&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 20 Jun 2021 00:37:24 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 27ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=134933880&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 00:37:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/67BE)
Age: 965
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202106110101/ 232 KB
86 KB 40ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202106110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5074670963595353&plah=cxsecurity.com&amaexp=1&bust=exp%3D31060975

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bff77c9b952cff91d47ccf5803ba0099912cf051af93d8662aa3fdb33c351a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87562
x-xss-protection: 0
server: cafe
etag: 16480148212547462393
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 20 Jun 2021 00:37:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/ Frame FE90 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210616/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cxsecurity.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 19 Jun 2021 19:02:37 GMT
expires: Sat, 03 Jul 2021 19:02:37 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 20088
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sdk.js Show response
connect.facebook.net/pl_PL/ 3 KB
2 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pl_PL/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f24ae4355af8e04c8b034cef99755597091f7f3dcd3b50e359bff34413d49ffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LrHryUzk4V+T/vzbhfSa3g==
cross-origin-resource-policy: cross-origin
expires: Sun, 20 Jun 2021 00:38:05 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1782
x-fb-rlafr: 0
x-fb-debug: VeQjWv+vIzQVLAoZMUi+7NpKPLT3CaPVH3P+fOk0Jcjj4xGBkThvCnZoHcDaD+M67834wo70T81Zi42BvbODFA==
x-fb-trip-id: 686109401
x-fb-content-md5: f1f579f0414416d14a1a6a2f0d5ca3ba
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Sun, 20 Jun 2021 00:37:25 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c079425df9b61fac037135c6ecf7a2ba"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29 200 glyphicons-halflings-regular.woff2
cert.cx/cxstatic/fonts/ 18 KB
18 KB 32ms
20ms Font
application/octet-stream 2606:4700:3031::6815:1ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cert.cx/cxstatic/fonts/glyphicons-halflings-regular.woff2?A
Requested by: Host: cert.cx
URL: https://cert.cx/cxstatic/css/b.css?G
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Origin: https://cxsecurity.com
Referer: https://cert.cx/cxstatic/css/b.css?G
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4326
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18028
cf-request-id: 0ac872e2120000beddb4930000000001
last-modified: Sun, 26 Nov 2017 14:47:05 GMT
server: cloudflare
etag: "466c-55ee3dbfe0c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0ijkMjS%2BBCc8FjZB3bnUZdgLNFDaVMpCS%2FNC1t6LxU%2BaIFXvrarrOMASzhAnx9AI7RB4jnsTBNJ2oH%2BWySqomsx0idHHz9EGU1sluTFF2Ag2yGqXnWezo4xuGxU4cZHwPg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6620edb0186dbedd-FRA

GET
H/1.1 200
OK 1 Show response
cxsecurity.com/comments/WLB-2021060113/1/ 2 B
180 B 132ms
132ms XHR
application/json 51.222.29.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cxsecurity.com/comments/WLB-2021060113/1/1
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.6.4/angular.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.222.29.70 , Canada, ASN16276 (OVH, FR),
Reverse DNS: vps-22903265.vps.ovh.ca
Software: Apache /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cxsecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=134933880&utm_source=hs_email
Cookie: __utma=178048631.597144223.1624149445.1624149445.1624149445.1; __utmc=178048631; __utmz=178048631.1624149445.1.1.utmcsr=hs_email|utmccn=(not%20set)|utmcmd=email|utmcct=134933880; __utmt=1; __utmb=178048631.1.10.1624149445
Connection: keep-alive
Accept: application/json, text/plain, */*
Referer: https://cxsecurity.com/issue/WLB-2021060113?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 00:37:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 2
Content-Type: application/json

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 81E4 40 KB
20 KB 29ms
28ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&co=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbTo0NDM.&hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&theme=dark&size=normal&cb=ucm0x585pxsr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

416f441175778d7ccffd9b771b4e0ffbd1561e7fce6eb7ea267d263a814a7c78

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GOfWWPr0B3AVvgygj6/2fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&co=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbTo0NDM.&hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&theme=dark&size=normal&cb=ucm0x585pxsr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cxsecurity.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 20 Jun 2021 00:37:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-GOfWWPr0B3AVvgygj6/2fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20740
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 33D0 40 KB
20 KB 42ms
41ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2c850d0edc05d36ad4f6c0c787346482632bb1ba375c7a4d2ff96f5da92be97b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qRKnw7hgIkBsIJR7A1yMag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&co=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbTo0NDM.&hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&theme=dark&size=normal&cb=lj31e9lv4m09
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cxsecurity.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 20 Jun 2021 00:37:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-qRKnw7hgIkBsIJR7A1yMag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20740
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame 0381 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fcxsecurity.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cxsecurity.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cxsecurity.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 188576
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 20 Jun 2021 00:37:25 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6723)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H3-29 200 sdk.js Show response
connect.facebook.net/pl_PL/ 246 KB
73 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pl_PL/sdk.js?hash=7f39505e7996ff0334b7e28b19566207&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d919250b0d8334c6ce9ce90d889d86043d1288748341c535dae67fd27f54936b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://cxsecurity.com
Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Yt6ObJO2N+sFNUaDydlwzQ==
cross-origin-resource-policy: cross-origin
expires: Sun, 19 Jun 2022 23:39:39 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74509
x-fb-rlafr: 0
x-fb-debug: 8ahemC/UU+xXcDV2wW+uMIbVZ6TD8J2+Cc6DU157Qyg9m0crQe5Nad76dv/cqDJn/nU85gG5s7MOlxSAnMbAVQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: e103e7cb23bf1795afc7beeaa4eb0806
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 20 Jun 2021 00:37:25 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ef2f875833843c69b9d1493c25eaf527"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
659 B 79ms
29ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cxsecurity.com&callback=_gfp_s_&client=ca-pub-5074670963595353

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202106110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5074670963595353&plah=cxsecurity.com&amaexp=1&bust=exp%3D31060975

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

0c22bb21840ebcff54c87539cc1a31a714a1dd04b143a669b22b102bb1e1cabc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cxsecurity.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 00:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 34ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cxsecurity.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 00:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C82F 108 KB
33 KB 341ms
328ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5074670963595353&output=html&h=280&slotname=9692700437&adk=3005825735&adf=3607514210&pi=t.ma~as.9692700437&w=798&fwrn=4&fwrnh=100&lmt=1624149445&rafmt=1&psa=0&format=798x280&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ%26utm_content%3D134933880%26utm_source%3Dhs_email&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624149445082&bpp=21&bdt=251&idt=157&shv=r20210616&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&correlator=3816570573693&frm=20&pv=2&ga_vid=597144223.1624149445&ga_sid=1624149445&ga_hid=466370129&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=401&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060975&oid=3&pvsid=3984331899861262&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xFKo6dn2vm&p=https%3A//cxsecurity.com&dtd=178

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06752774c858ab3829906a2b121e682a989e1539add9bf8cdfaccb64b3c130a6

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJnQ_pX8pPECFWfnuwgdCZ8Hzw&gqi=xY3OYJOqEafX7_UP0_6bqAw&layout=/sadbundle/%24csp%253Der3%24/505083453055470584/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5074670963595353&output=html&h=280&slotname=9692700437&adk=3005825735&adf=3607514210&pi=t.ma~as.9692700437&w=798&fwrn=4&fwrnh=100&lmt=1624149445&rafmt=1&psa=0&format=798x280&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ%26utm_content%3D134933880%26utm_source%3Dhs_email&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624149445082&bpp=21&bdt=251&idt=157&shv=r20210616&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&correlator=3816570573693&frm=20&pv=2&ga_vid=597144223.1624149445&ga_sid=1624149445&ga_hid=466370129&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=401&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060975&oid=3&pvsid=3984331899861262&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xFKo6dn2vm&p=https%3A//cxsecurity.com&dtd=178
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cxsecurity.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJnQ_pX8pPECFWfnuwgdCZ8Hzw&gqi=xY3OYJOqEafX7_UP0_6bqAw&layout=/sadbundle/%24csp%253Der3%24/505083453055470584/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 20 Jun 2021 00:37:25 GMT
server: cafe
content-length: 33986
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 20-Jun-2021 00:52:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 20 Jun 2021 00:37:25 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:25 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Sun, 20 Jun 2021 00:37:25 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-5074670963595353&c=0&e=2570847921467975139&n=0&t=0&w=323&x=2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:37:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2B63 430 B
230 B 493ms
493ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5074670963595353&output=html&h=280&slotname=6599633238&adk=1033137904&adf=3594544816&pi=t.ma~as.6599633238&w=1043&fwrn=4&fwrnh=100&lmt=1624149445&rafmt=1&psa=0&format=1043x280&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ%26utm_content%3D134933880%26utm_source%3Dhs_email&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624149445103&bpp=2&bdt=272&idt=171&shv=r20210616&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=798x280&correlator=3816570573693&frm=20&pv=1&ga_vid=597144223.1624149445&ga_sid=1624149445&ga_hid=466370129&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=279&ady=1772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060975&oid=3&pvsid=3984331899861262&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ANAhihzsCw&p=https%3A//cxsecurity.com&dtd=175

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14ed7561bf744a830740c75466ab6a6fb8ac8f81dc266d9b59c15b2c4ff5e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5074670963595353&output=html&h=280&slotname=6599633238&adk=1033137904&adf=3594544816&pi=t.ma~as.6599633238&w=1043&fwrn=4&fwrnh=100&lmt=1624149445&rafmt=1&psa=0&format=1043x280&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ%26utm_content%3D134933880%26utm_source%3Dhs_email&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624149445103&bpp=2&bdt=272&idt=171&shv=r20210616&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=798x280&correlator=3816570573693&frm=20&pv=1&ga_vid=597144223.1624149445&ga_sid=1624149445&ga_hid=466370129&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=279&ady=1772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060975&oid=3&pvsid=3984331899861262&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ANAhihzsCw&p=https%3A//cxsecurity.com&dtd=175
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cxsecurity.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 20 Jun 2021 00:37:25 GMT
server: cafe
content-length: 207
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 20-Jun-2021 00:52:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 20 Jun 2021 00:37:25 GMT
cache-control: private

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ%26utm_content%3D134933880%26utm_source%3Dhs_email&tn=DIV&id=frezz&cls=navbar%20navbar-default%20navbar-fixed-top&ign=false

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:37:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E78E 0
19 B 16ms
15ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5074670963595353&output=html&adk=1812271804&adf=3025194257&lmt=1624149445&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ%26utm_content%3D134933880%26utm_source%3Dhs_email&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624149445177&bpp=1&bdt=346&idt=107&shv=r20210616&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=798x280%2C1043x280&nras=1&correlator=3816570573693&frm=20&pv=1&ga_vid=597144223.1624149445&ga_sid=1624149445&ga_hid=466370129&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060975&oid=3&pvsid=3984331899861262&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=111

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5074670963595353&output=html&adk=1812271804&adf=3025194257&lmt=1624149445&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ%26utm_content%3D134933880%26utm_source%3Dhs_email&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624149445177&bpp=1&bdt=346&idt=107&shv=r20210616&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=798x280%2C1043x280&nras=1&correlator=3816570573693&frm=20&pv=1&ga_vid=597144223.1624149445&ga_sid=1624149445&ga_hid=466370129&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060975&oid=3&pvsid=3984331899861262&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=111
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cxsecurity.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 20 Jun 2021 00:37:25 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 20-Jun-2021 00:52:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 20 Jun 2021 00:37:25 GMT
cache-control: private

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/ Frame 81E4 52 KB
25 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&co=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbTo0NDM.&hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&theme=dark&size=normal&cb=ucm0x585pxsr

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 23:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 02:09:18 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/ Frame 81E4 341 KB
133 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ab6a25b3bfe17a0705d5017781df867ba5ccb3238943115697016ffd35e19e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 21:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135774
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 23:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 21:30:33 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/ Frame 33D0 52 KB
25 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/styles__ltr.css

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 23:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 02:09:18 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/ Frame 33D0 341 KB
133 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ab6a25b3bfe17a0705d5017781df867ba5ccb3238943115697016ffd35e19e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 21:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135774
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 23:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 21:30:33 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 0381 256 B
442 B 167ms
129ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=0d1283a10b30c5bd01c15d70c85f1ba11e97f059

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fcxsecurity.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:24 GMT
content-encoding: gzip
last-modified: Sun, 20 Jun 2021 00:37:25 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: f72116fcb577463666a8b25b3525ea60c3f27b84131aa325bb3e5b88055ec4b9
content-length: 176

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 33D0 102 B
132 B 14ms
14ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2deefd752d0d838a84f4e550d6a6055dbf21806ce45024af042696f443912130

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&co=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbTo0NDM.&hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&theme=dark&size=normal&cb=lj31e9lv4m09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 20 Jun 2021 00:37:25 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 81E4 102 B
132 B 14ms
14ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2deefd752d0d838a84f4e550d6a6055dbf21806ce45024af042696f443912130

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&co=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbTo0NDM.&hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&theme=dark&size=normal&cb=ucm0x585pxsr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 20 Jun 2021 00:37:25 GMT

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 0367 7 KB
1 KB 17ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&cb=62nus2qicjjh

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f58bdd9b22083b192d8fc849710e0687673c270df00fda8cb63188ab3ba01f93

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n4JeXpZA81yLzq3eNXNaUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&cb=62nus2qicjjh
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cxsecurity.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 20 Jun 2021 00:37:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-n4JeXpZA81yLzq3eNXNaUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame D046 7 KB
1 KB 19ms
19ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&cb=x8nho6ev4wv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6c47c357390ee1c5cd94350588d3cfcfb55736ab79400e652175ee17216159fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uoulNQZgbkHEEYXn59VJsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&cb=x8nho6ev4wv
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cxsecurity.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 20 Jun 2021 00:37:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-uoulNQZgbkHEEYXn59VJsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1115
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK button.5573c974dc31bbdab5ea7923a0bd5cf3.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 00:37:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/67BE)
Age: 188578
Etag: "382be2960021b88f6ce982d997cdbd01+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H/1.1 200
OK tweet_button.06c6ee58c3810956b7509218508c7b56.en.html Show response
platform.twitter.com/widgets/ Frame 86A9 32 KB
12 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: 483cc9a5ece5c92d5a2f1ea6e92e7f8bc29844a6c06bf36c0349d70334685dc7

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cxsecurity.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cxsecurity.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 188578
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 20 Jun 2021 00:37:25 GMT
Etag: "a87932e0f094e1fb4cced05f7d97ab94+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:47 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BE)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12228

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/ Frame 0367 52 KB
25 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&cb=62nus2qicjjh

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 23:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 02:09:18 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/ Frame 0367 341 KB
133 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&cb=62nus2qicjjh

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ab6a25b3bfe17a0705d5017781df867ba5ccb3238943115697016ffd35e19e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 21:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135774
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 23:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 21:30:33 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/ Frame D046 52 KB
25 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&cb=x8nho6ev4wv

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 23:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 02:09:18 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/ Frame D046 341 KB
133 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&cb=x8nho6ev4wv

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ab6a25b3bfe17a0705d5017781df867ba5ccb3238943115697016ffd35e19e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 21:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135774
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 23:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 21:30:33 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/ Frame 069C 6 KB
3 KB 33ms
11ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/index.html

Requested by

Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv1B3lGmQV1-WJV7CgX00W91TJYF8fh63RW2SrDxm2zlM5PW6_WLrP62XflwW4kwNBt2brx5RW5H7bPc68VZ5jW1g5P7Y5d766RW3ZlpQq5jrF5MVhrB6x5j0jvSW3hMktG5HqkzJW51Vg0S8g2xRcW4Q0Lr06NVq3WW7hGWdK4px5f4W7mLQ1l4jsb4dW7-ZCNm3FxVryN32X4TH2tPyNW2cHXdx7tR6_-W8lgK2j36PrMKW8XS0Lp6Hc7fjW2ydHzC8SW-XbW6nCbfg4bcfkXW17sPwd4fStZPW8CP2jg19c2BS3pfR1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eb785855be64668819ff9bcedcc5bc3a8c9ea5fd332dde3d51dac71dddf37f7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/505083453055470584/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1280
date: Sat, 19 Jun 2021 22:00:08 GMT
expires: Sun, 19 Jun 2022 22:00:08 GMT
last-modified: Fri, 18 Jun 2021 07:16:48 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9437
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame CFBA 0
0 42ms
41ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXxfjxY3OYNnZEefO7_UPib6e-AyKnZ2sY4Pt-YT1DfvV9P0IEAEguuTnG2CViriCyAegAdmLpdwByAEJqQLiB2L-duezPqgDAcgDSKoE2wJP0GtLS1slHdiRGoRAMxJ9scldHu9Hjrm72JgfdsUQ5aDHuIXowejG7fRDviM2Bjimb7k81JksUu1D_I3ReRKj-iljELdMVGwyhRCWB3cjTf1A0GlYLlQ1Oymj5nViKhd1aBDXLDN0DaKDpPM16z_52UoY5urh4yPVUKlBocTWRGGbVWJMMzTGssr0J8UXEJo5dGDRTLIblUj_iLKEGJ0TGz33DXWz1g24JokLaortzmLUP9qK2VPb1CDbl9ZrceiufBePqNt85SlEOfuChpw1K9xqsSdIlC-YmLFyf9-vekNq99YWkgi5jSHErZ1ygzegliynHewKGDXGXWB5GPrdRuYHdonygDxpNushXDXSgk6p_qTQFkP7I_qkD7Snfk522uQqq0Sw6Q9kpp5FJOuo1nabYlHZuHrCdj9ph0tK9txbtVPSs1AFtwXJ9qVmUxUhjFJuHtN1guNlu8AErKbZ7-wDoAYugAeP9NqjAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCsqVfSCAkIgOGAEBABGB-ACgHICwHYEwPQFQGAFwGyFxoKGAgAEhRwdWItNTA3NDY3MDk2MzU5NTM1Mw&sigh=G5M_QZfyQYE&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5074670963595353&output=html&h=280&slotname=9692700437&adk=3005825735&adf=3607514210&pi=t.ma~as.9692700437&w=798&fwrn=4&fwrnh=100&lmt=1624149445&rafmt=1&psa=0&format=798x280&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ%26utm_content%3D134933880%26utm_source%3Dhs_email&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624149445082&bpp=21&bdt=251&idt=157&shv=r20210616&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&correlator=3816570573693&frm=20&pv=2&ga_vid=597144223.1624149445&ga_sid=1624149445&ga_hid=466370129&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=401&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060975&oid=3&pvsid=3984331899861262&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xFKo6dn2vm&p=https%3A//cxsecurity.com&dtd=178
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 20 Jun 2021 00:37:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Jun 2021 00:37:25 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/ Frame CFBA 17 KB
7 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5074670963595353&output=html&h=280&slotname=9692700437&adk=3005825735&adf=3607514210&pi=t.ma~as.9692700437&w=798&fwrn=4&fwrnh=100&lmt=1624149445&rafmt=1&psa=0&format=798x280&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ%26utm_content%3D134933880%26utm_source%3Dhs_email&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624149445082&bpp=21&bdt=251&idt=157&shv=r20210616&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&correlator=3816570573693&frm=20&pv=2&ga_vid=597144223.1624149445&ga_sid=1624149445&ga_hid=466370129&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=401&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060975&oid=3&pvsid=3984331899861262&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xFKo6dn2vm&p=https%3A//cxsecurity.com&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b886992795015ddf192ba7c46ea89376cef0fec304d850d735da268c332226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:35:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7072
x-xss-protection: 0
server: cafe
etag: 14457676323939599074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 00:35:04 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame CFBA 3 KB
1 KB 29ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 00:28:13 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CFBA 122 KB
37 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:25 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Sun, 20 Jun 2021 00:37:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame CFBA 13 KB
6 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 00:35:28 GMT

GET
DATA 200
OK truncated
/ Frame 86A9 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8CD9 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5074670963595353&output=html&h=280&slotname=9692700437&adk=3005825735&adf=3607514210&pi=t.ma~as.9692700437&w=798&fwrn=4&fwrnh=100&lmt=1624149445&rafmt=1&psa=0&format=798x280&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ%26utm_content%3D134933880%26utm_source%3Dhs_email&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624149445082&bpp=21&bdt=251&idt=157&shv=r20210616&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&correlator=3816570573693&frm=20&pv=2&ga_vid=597144223.1624149445&ga_sid=1624149445&ga_hid=466370129&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=401&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060975&oid=3&pvsid=3984331899861262&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xFKo6dn2vm&p=https%3A//cxsecurity.com&dtd=178
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkwjmQhjmMRbjQsOlmg-c2MdKtDLKVhykQOHfVhSnJpFcndympjV_0PSyN4ku0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5074670963595353&output=html&h=280&slotname=9692700437&adk=3005825735&adf=3607514210&pi=t.ma~as.9692700437&w=798&fwrn=4&fwrnh=100&lmt=1624149445&rafmt=1&psa=0&format=798x280&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ%26utm_content%3D134933880%26utm_source%3Dhs_email&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624149445082&bpp=21&bdt=251&idt=157&shv=r20210616&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&correlator=3816570573693&frm=20&pv=2&ga_vid=597144223.1624149445&ga_sid=1624149445&ga_hid=466370129&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=401&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060975&oid=3&pvsid=3984331899861262&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xFKo6dn2vm&p=https%3A//cxsecurity.com&dtd=178

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 19 Jun 2021 23:47:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3010
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CFBA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68205374150f150eac26df61757b809bab2163de7182fdd48b13879e1d2961d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 069C 9 KB
3 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 09:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 20 Jun 2021 09:26:19 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 069C 26 KB
10 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 08:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59807
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 20 Jun 2021 08:00:38 GMT

GET
H3-29 200 tinyanimatemin.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/ Frame 069C 4 KB
1 KB 23ms
9ms Script
application/x-javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/tinyanimatemin.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

932376e026d5cf24ae61b65e0e0598e52fc850214a030a5327e7bd1eebad99b5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 9437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1138
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 07:16:48 GMT
server: sffe
date: Sat, 19 Jun 2021 22:00:08 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 22:00:08 GMT

GET
H3-29 200 tinyanimatefix.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/ Frame 069C 882 B
390 B 24ms
9ms Script
application/x-javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/tinyanimatefix.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1183307783cf23654d3a290fdd33a2387be5d4651145b67f5527da2729bec0bc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 9437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 362
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 07:16:48 GMT
server: sffe
date: Sat, 19 Jun 2021 22:00:08 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 22:00:08 GMT

GET
H3-29 200 style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/ Frame 069C 2 KB
763 B 22ms
8ms Stylesheet
text/css 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/style.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c069fa56ad98b608bf4018f991ba82ec00f70082be86ea0bf0d48d77705aeb70

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 9437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 735
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 07:16:48 GMT
server: sffe
date: Sat, 19 Jun 2021 22:00:08 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 22:00:08 GMT

GET
H3-29 200 motiv.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/ Frame 069C 51 KB
51 KB 7ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/motiv.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee186b2da1ddd380b6a7c791c8e27f1e53b275147371429d98903cd8e84ca270

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 9437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52000
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 07:16:48 GMT
server: sffe
date: Sat, 19 Jun 2021 22:00:08 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 22:00:08 GMT

GET
H3-29 200 txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/ Frame 069C 5 KB
5 KB 12ms
12ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/txt1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4bf06d686e7e3e8464d9f20ec43f677e643ae70c5e9f201ea8c2cb2397d4623

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 9437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5083
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 07:16:48 GMT
server: sffe
date: Sat, 19 Jun 2021 22:00:08 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 22:00:08 GMT

GET
H3-29 200 txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/ Frame 069C 7 KB
7 KB 10ms
10ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/txt2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65b90f58840217dc9f79fa6e0c96b317d90cd074e55c6a5f922be0349694325c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 9436
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7419
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 07:16:48 GMT
server: sffe
date: Sat, 19 Jun 2021 22:00:09 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 22:00:09 GMT

GET
H3-29 200 txt3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/ Frame 069C 6 KB
6 KB 12ms
11ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/txt3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23f06a2596f371f51eef70eb0f8cb727666c7d00d412b8895d7a908d8931441d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 9436
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6576
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 07:16:48 GMT
server: sffe
date: Sat, 19 Jun 2021 22:00:09 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 22:00:09 GMT

GET
H3-29 200 rodenstock.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/ Frame 069C 6 KB
6 KB 11ms
11ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/rodenstock.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

655a0c31f5fab160e00dd6b9751f1aa04f8a130f08c3c893cd0ce15b2626849f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 9435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6279
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 07:16:48 GMT
server: sffe
date: Sat, 19 Jun 2021 22:00:10 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 22:00:10 GMT

GET
H3-29 200 logo_60caf6f0d4bb1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/ Frame 069C 36 KB
36 KB 12ms
12ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/logo_60caf6f0d4bb1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/505083453055470584/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01f0a32007942e3bb49fcea36d819096690b6d6f708047e7a71bca16cca11cf2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 9435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36573
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 07:16:48 GMT
server: sffe
date: Sat, 19 Jun 2021 22:00:10 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 22:00:10 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8CD9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

17ms
14ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkwjmQhjmMRbjQsOlmg-c2MdKtDLKVhykQOHfVhSnJpFcndympjV_0PSyN4ku0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 20 Jun 2021 00:37:26 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 20-Jun-2021 01:37:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 20 Jun 2021 00:37:26 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 20 Jun 2021 00:37:25 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
375 B 132ms
131ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ%26utm_content%3D134933880%26utm_source%3Dhs_email%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1624149446010%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Sun, 20 Jun 2021 00:37:26 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f72116fcb577463666a8b25b3525ea60c3f27b84131aa325bb3e5b88055ec4b9
x-transaction: 817fc455fb4e4d82
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-29 200 euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 069C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 16:14:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 16:14:07 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 38ms
24ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210616&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5182d2c4d247d8a068e44c0e8bd31a2c73a1e8c7c5aafc87246dd522a35c222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 00:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8049
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/v2.3/plugins/ Frame 2494 56 KB
16 KB 73ms
73ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8597cc0db07d8%26domain%3Dcxsecurity.com%26origin%3Dhttps%253A%252F%252Fcxsecurity.com%252Ff391b9a0e7c6968%26relation%3Dparent.parent&container_width=243&href=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113&layout=button&locale=pl_PL&sdk=joey&share=false&show_faces=false&width=50

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/sdk.js?hash=7f39505e7996ff0334b7e28b19566207&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d6a8747df958893095079c86988f5af810d0d62dbe74ad3b5c0d57c990a282a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8597cc0db07d8%26domain%3Dcxsecurity.com%26origin%3Dhttps%253A%252F%252Fcxsecurity.com%252Ff391b9a0e7c6968%26relation%3Dparent.parent&container_width=243&href=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113&layout=button&locale=pl_PL&sdk=joey&share=false&show_faces=false&width=50
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cxsecurity.com/

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report","include_subdomains":true}
x-fb-rlafr: 0
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coep_report"
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v3.3
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: EjXFhV9rNK6G7wpiNuFC3mgSjyhnLn1IQLcaISjTahLZrfRzY638GOKigzp99+mhvW54DeRcHYpdJD8qIM6+Jw==
date: Sun, 20 Jun 2021 00:37:26 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 20 Jun 2021 00:37:26 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 2C5D 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cxsecurity.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 19 Jun 2021 20:04:59 GMT
expires: Sun, 19 Jun 2022 20:04:59 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 03BE 783 B
532 B 16ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4ac02119ad93ca1456c2400d58d709d3cb67ac0c1e6b6bc3ee9b457d248d43da

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8yVRjqAGPmDwfWpo0Kg9yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cxsecurity.com/

Response headers

expires: Sun, 20 Jun 2021 00:37:26 GMT
date: Sun, 20 Jun 2021 00:37:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-8yVRjqAGPmDwfWpo0Kg9yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C5D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 16:14:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 16:14:07 GMT

GET
H3-29 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 2494 400 B
449 B 6ms
6ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8597cc0db07d8%26domain%3Dcxsecurity.com%26origin%3Dhttps%253A%252F%252Fcxsecurity.com%252Ff391b9a0e7c6968%26relation%3Dparent.parent&container_width=243&href=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113&layout=button&locale=pl_PL&sdk=joey&share=false&show_faces=false&width=50

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8597cc0db07d8%26domain%3Dcxsecurity.com%26origin%3Dhttps%253A%252F%252Fcxsecurity.com%252Ff391b9a0e7c6968%26relation%3Dparent.parent&container_width=243&href=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113&layout=button&locale=pl_PL&sdk=joey&share=false&show_faces=false&width=50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: eA1V1rkaGyOaHvtHwObCBxVeQE5AKr6FK3EecdVrnaveHii+qpnjGb2OKSIZ+1jaHdmFg56ROnvYfnraycu1Jw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Tue, 15 Jun 2021 06:48:15 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Wed, 15 Jun 2022 06:48:15 GMT

GET
H3-29 200 lCBXLPxAbEd.js Show response
www.facebook.com/rsrc.php/v3i7Kf4/yE/l/pl_PL/ Frame 2494 509 KB
133 KB 6ms
6ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3i7Kf4/yE/l/pl_PL/lCBXLPxAbEd.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f6302d8b3bf4cca17dbdda2bf94bbc91b3af8724eef4483f9cae5c19a721b585

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8597cc0db07d8%26domain%3Dcxsecurity.com%26origin%3Dhttps%253A%252F%252Fcxsecurity.com%252Ff391b9a0e7c6968%26relation%3Dparent.parent&container_width=243&href=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113&layout=button&locale=pl_PL&sdk=joey&share=false&show_faces=false&width=50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 23:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zndrRrIuZAiIp08+DoKaTg==
cross-origin-resource-policy: cross-origin
content-length: 136123
x-fb-rlafr: 0
x-fb-debug: dClqUeWW4PrXT5ChVjEJ5CJeiSFCKBjbatzqC1hxhPYCzAsgKkhSG8P3KMn4MFargeWJUjlORfpqloKwh27NNw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 23:23:26 GMT

GET
H3-29 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 2494 67 B
97 B 45ms
45ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1624149446269&t_start=1624149446269&t_domcontent=1624149446281&t_layout=1624149446302&t_onload=1624149446302&t_paint=1624149446302&t_creport=1624149446302&t_tti=1624149446281&lid=6975668755860769952-0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8597cc0db07d8%26domain%3Dcxsecurity.com%26origin%3Dhttps%253A%252F%252Fcxsecurity.com%252Ff391b9a0e7c6968%26relation%3Dparent.parent&container_width=243&href=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113&layout=button&locale=pl_PL&sdk=joey&share=false&show_faces=false&width=50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: mH5Xb9IT4Fz6F+1LEp4lnwkyWnZA5WCVs49mZ3NwKq+Xq+bb/I2RtSiHjeBg3GOtgccb8cPIkzQ0EiZNE/cIVw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 20 Jun 2021 00:37:26 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210616&jk=3984331899861262&bg=!HR6lHlrNAAZktE7iZLQ7ACkAdvg8WjovAQw4njD5Hx9efPAGMtGGBaWwPv4KdsFSQ4RPFHxCKgmHfgIAAACFUgAAAA9oAQcKADLMXfJtDD1qk1FLJhTzni4ovbld4iNPftnizT9CQiYnZisdyRY0u3Bmu98njsm9BsOqD5kCYJT4yJpZJBjU9HwDPMb_sU2a3pOpL30kVVb_Y7j2MtX-u8tZAaIFfWudS1XANsahq8qK214LuNoYLRN7aObCVxjvdRbCBHWW88Ak4hKFyvopSKGIbTz1siIx-ZuZSSPSjrCqSaOVBLWAup83QBopFM4yR0J0QLUVd-usWleeSW8YGUvhyaUgEIcYterg3y69OKanlA3Z7SWsKoEpkU1OZ_zSFwaevkajkexhM4V8OPwqUQdRusdgAubazxs77XQyJnqa7WLKecA8Y1n_c0WiWzqHXq45QoD8o7Qzqv_zPwv25GUKILwB1Ba0nur_vAzMWL814wGW1ZMGIyFodbvtcSnyo1R3cSZvOjjqt0xmp4w9wHnwwRL4I2_QCG52ycTkk3zxbqUeCQMFt1sB_-slVY-PeNFhCjNxOSM-QAObgj_-VC-VL2i-6PWNL0LIAF-I6yQPcQ1G4kE7CbRN1z-x7EY6sMobbgDsVgDRrjMm_RcX_WCz6ESBBynbiBgLYx9MLxGDgsaqFeB2EJ9q1XGXvruZ-PM_DyBwjD-SxOkSa-kbFmA7iKVnA-lqbz_2el3PwlU_aPrPMmXtKximaqftL41zLOcAYUK3iMDM2wBuQk6jOlwsEaBR9tHMmeU2FAl2KyseQazktO0oBCHwG9HRWHqFtzGZklBgGXO9sZYizkOKYtBhonQve6zJGrqtvGkg43jhW_tEhXsWZ4zvMRTRvGetfunkoGwer-EkyN_e_lcsJHWAYiPl7OHkKcZjhGjyzE7S9PiMHDsDCTQY-Dr6iDlrL0fd_HEtUY_UbjTV_PoL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:37:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame CFBA 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C59vaxY3OYNnZEefO7_UPib6e-AyKnZ2sY4Pt-YT1DfvV9P0IEAEguuTnG2CViriCyAegAdmLpdwByAEJqQLiB2L-duezPqgDAaoE2wJP0GtLS1slHdiRGoRAMxJ9scldHu9Hjrm72JgfdsUQ5aDHuIXowejG7fRDviM2Bjimb7k81JksUu1D_I3ReRKj-iljELdMVGwyhRCWB3cjTf1A0GlYLlQ1Oymj5nViKhd1aBDXLDN0DaKDpPM16z_52UoY5urh4yPVUKlBocTWRGGbVWJMMzTGssr0J8UXEJo5dGDRTLIblUj_iLKEGJ0TGz33DXWz1g24JokLaortzmLUP9qK2VPb1CDbl9ZrceiufBePqNt85SlEOfuChpw1K9xqsSdIlC-YmLFyf9-vekNq99YWkgi5jSHErZ1ygzegliynHewKGDXGXWB5GPrdRuYHdonygDxpNushXDXSgk6p_qTQFkP7I_qkD7Snfk522uQqq0Sw6Q9kpp5FJOuo1nabYlHZuHrCdj9ph0tK9txbtVPSs1AFtwXJ9qVmUxUhjFJuHtN1guNlu8AErKbZ7-wDoAYugAeP9NqjAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCsqVfSCAkIgOGAEBABGB-ACgHICwHYEwPQFQGAFwGyFxoKGAgAEhRwdWItNTA3NDY3MDk2MzU5NTM1Mw&sigh=fd2BoLwZRi0&vt=1&template_id=419

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5074670963595353&output=html&h=280&slotname=9692700437&adk=3005825735&adf=3607514210&pi=t.ma~as.9692700437&w=798&fwrn=4&fwrnh=100&lmt=1624149445&rafmt=1&psa=0&format=798x280&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2021060113%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-9ixSnPsJRWQuCF05ltuByt2MrKwRNYw1r5RkGj9AzzeKA1MEdSmqIoVnmzuT68ir8ABEAS3XwKIvl3l0ALGUL1Cne2RQ%26utm_content%3D134933880%26utm_source%3Dhs_email&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624149445082&bpp=21&bdt=251&idt=157&shv=r20210616&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&correlator=3816570573693&frm=20&pv=2&ga_vid=597144223.1624149445&ga_sid=1624149445&ga_hid=466370129&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=401&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060975&oid=3&pvsid=3984331899861262&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xFKo6dn2vm&p=https%3A//cxsecurity.com&dtd=178
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 20 Jun 2021 00:37:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CFBA 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGH_p04Rqp5k9oCoyqFeIaID9PqNa5zZ9-S2bxbX6nSM9qpJUirMa3TjHZnleK86e0JRB1lAvK1s7JK4d6vhn2lsACk53-k8aUFc5ajqtvIpRtlAI2odI1YLhMGA&sai=AMfl-YQQh03PIsBH6tvBDN2qQ9zpG2MS6RSoc9aH4uaVghL_YQQw7y5-rCUlyU-pD3ZNx_sVKIUy_k5h9_my&sig=Cg0ArKJSzEINLKYsp_ghEAE&id=lidar2&mcvt=1000&p=232,401,438,1199&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3005825735&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624149445641&dlt=376&rpt=246&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:37:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 19:09:13	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 04:30:45	Name: IDE Value: AHWqTUkwjmQhjmMRbjQsOlmg-c2MdKtDLKVhykQOHfVhSnJpFcndympjV_0PSyN4ku0
.cxsecurity.com/	1970-01-19 19:09:11	Name: __utmb Value: 178048631.1.10.1624149445
.cxsecurity.com/	1970-01-19 19:09:10	Name: __utmt Value: 1
.cxsecurity.com/	1970-01-20 04:30:45	Name: __gads Value: ID=3b67e06ac34bd0e3-223d6aae09c900d1:T=1624149445:RT=1624149445:S=ALNI_MYdMOeKN3oGJpcbTicIeenoxJl6tA
.cxsecurity.com/	1970-01-19 23:31:57	Name: __utmz Value: 178048631.1624149445.1.1.utmcsr=hs_email\|utmccn=(not%20set)\|utmcmd=email\|utmcct=134933880
.cxsecurity.com/	1970-01-20 12:40:21	Name: __utma Value: 178048631.597144223.1624149445.1624149445.1624149445.1
.doubleclick.net/	1970-01-19 19:09:10	Name: test_cookie Value: CheckForPermission
.cxsecurity.com/	1969-12-31 23:59:59	Name: __utmc Value: 178048631
cxsecurity.com/issue	1970-01-20 03:54:45	Name: cxlang Value: en

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv1B3lGmQV1-WJV7CgX00W91TJYF8fh63RW2SrDxm2zlM5PW6_WLrP62XflwW4kwNBt2brx5RW5H7bPc68VZ5jW1g5P7Y5d766RW3ZlpQq5jrF5MVhrB6x5j0jvSW3hMktG5HqkzJW51Vg0S8g2xRcW4Q0Lr06NVq3WW7hGWdK4px5f4W7mLQ1l4jsb4dW7-ZCNm3FxVryN32X4TH2tPyNW2cHXdx7tR6_-W8lgK2j36PrMKW8XS0Lp6Hc7fjW2ydHzC8SW-XbW6nCbfg4bcfkXW17sPwd4fStZPW8CP2jg19c2BS3pfR1(Line 13) Message: toS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
cdnjs.cloudflare.com
cert.cx
connect.facebook.net
cxsecurity.com
go.recordedfuture.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.244.42.72
142.250.184.194
2606:2800:234:59:254c:406:2366:268c
2606:2c40::c73c:67fe
2606:4700:3031::6815:1ef3
2606:4700::6810:135e
2a00:1450:4001:802::200a
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:400c:c04::9b
2a00:1450:400c:c04::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
51.222.29.70
005c8375edeec5cace8b6d6102125831dfd1c358f69e9fa5d34f3f60dca03774
01f0a32007942e3bb49fcea36d819096690b6d6f708047e7a71bca16cca11cf2
06752774c858ab3829906a2b121e682a989e1539add9bf8cdfaccb64b3c130a6
0c22bb21840ebcff54c87539cc1a31a714a1dd04b143a669b22b102bb1e1cabc
1183307783cf23654d3a290fdd33a2387be5d4651145b67f5527da2729bec0bc
128dd16963271415d32ab36c861133e3b44dcc8a702edae2b0ad2da8cbb75374
15b886992795015ddf192ba7c46ea89376cef0fec304d850d735da268c332226
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
23bfdf0c8d7d30a10f284f4a1ae80f9daf5e96948bf3f0b59e55951f0724e59b
23f06a2596f371f51eef70eb0f8cb727666c7d00d412b8895d7a908d8931441d
2c850d0edc05d36ad4f6c0c787346482632bb1ba375c7a4d2ff96f5da92be97b
2deefd752d0d838a84f4e550d6a6055dbf21806ce45024af042696f443912130
2df1d036c1b10f1a28b59c5eaf728987a894fb6474141f0a3aa2bf16dc0cad0b
3711126bd3b4b00e10bee8c1b9059f8e42604916f1db51fcc1f0d193335d8a8c
3d6a8747df958893095079c86988f5af810d0d62dbe74ad3b5c0d57c990a282a
416f441175778d7ccffd9b771b4e0ffbd1561e7fce6eb7ea267d263a814a7c78
483cc9a5ece5c92d5a2f1ea6e92e7f8bc29844a6c06bf36c0349d70334685dc7
4ac02119ad93ca1456c2400d58d709d3cb67ac0c1e6b6bc3ee9b457d248d43da
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5d7a430e6906942677cddc2a55bb752dcf86282d1041fc1f7a3195baabf61450
5eb785855be64668819ff9bcedcc5bc3a8c9ea5fd332dde3d51dac71dddf37f7
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
655a0c31f5fab160e00dd6b9751f1aa04f8a130f08c3c893cd0ce15b2626849f
65b90f58840217dc9f79fa6e0c96b317d90cd074e55c6a5f922be0349694325c
6bff77c9b952cff91d47ccf5803ba0099912cf051af93d8662aa3fdb33c351a0
6c47c357390ee1c5cd94350588d3cfcfb55736ab79400e652175ee17216159fe
7ab6a25b3bfe17a0705d5017781df867ba5ccb3238943115697016ffd35e19e0
7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c50aa8567731858e81bcfd2027718d9a7c8fd7bf54cf496499adbf5da5741b9
8f5570d3ac9500e47b14b19243daae31f762717751e817db4563f0955671946c
932376e026d5cf24ae61b65e0e0598e52fc850214a030a5327e7bd1eebad99b5
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bf06d686e7e3e8464d9f20ec43f677e643ae70c5e9f201ea8c2cb2397d4623
a9679d12aa573533d4e8f41adb7e47b1a036c8075aab39cd1ce7c886a7b0b3eb
a96d85055e7314b1c3287615f2670d5d7e994682ac22249d9b65856786aea959
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b5182d2c4d247d8a068e44c0e8bd31a2c73a1e8c7c5aafc87246dd522a35c222
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c069fa56ad98b608bf4018f991ba82ec00f70082be86ea0bf0d48d77705aeb70
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
ca17ac3996c50c96ebcc1beb008e613330636c60509021288c8d673dc6f66c00
cdf24f810daad6c8133158e57d1fadc664f11090b5952f39deb4800a990df236
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d28c9971cca0f0745d490dd7413bb2717f884ddba532aa179ebdfb9a6129569c
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d68205374150f150eac26df61757b809bab2163de7182fdd48b13879e1d2961d
d919250b0d8334c6ce9ce90d889d86043d1288748341c535dae67fd27f54936b
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ee186b2da1ddd380b6a7c791c8e27f1e53b275147371429d98903cd8e84ca270
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14ed7561bf744a830740c75466ab6a6fb8ac8f81dc266d9b59c15b2c4ff5e35
f24ae4355af8e04c8b034cef99755597091f7f3dcd3b50e359bff34413d49ffd
f58bdd9b22083b192d8fc849710e0687673c270df00fda8cb63188ab3ba01f93
f6302d8b3bf4cca17dbdda2bf94bbc91b3af8724eef4483f9cae5c19a721b585
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

cxsecurity.com Open in urlscan Pro 51.222.29.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

100 %HTTPS

84 %IPv6

15 Domains

19 Subdomains

20 IPs

4 Countries

2260 kBTransfer

5271 kBSize

10 Cookies

3 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cxsecurity.com Open in urlscan Pro
51.222.29.70 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

100 %
HTTPS

84 %
IPv6

15
Domains

19
Subdomains

20
IPs

4
Countries

2260 kB
Transfer

5271 kB
Size

10
Cookies

83 HTTP transactions
2 data transactions