bonpatron.com Open in urlscan Pro
45.55.37.23 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bonpatron.com/
Effective URL:
https://bonpatron.com/
Submission: On March 29 via manual (March 29th 2021, 3:36:53 pm UTC) from CA

Summary HTTP 95 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 11 domains to perform 95 HTTP transactions. The main IP is 45.55.37.23, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is bonpatron.com.
TLS certificate: Issued by R3 on March 16th 2021. Valid for: 3 months.

This is the only time bonpatron.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 40	45.55.37.23 45.55.37.23	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
23	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
95	13

40 45.55.37.23 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: nadaclair.com

bonpatron.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	bonpatron.com 1 redirects bonpatron.com	209 KB
28	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	382 KB
14	doubleclick.net googleads.g.doubleclick.net	72 KB
4	googletagservices.com www.googletagservices.com	135 KB
4	google.com 3 redirects adservice.google.com www.google.com	766 B
3	gstatic.com www.gstatic.com fonts.gstatic.com	53 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	googleapis.com fonts.googleapis.com	687 B
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	642 B
1	fontawesome.com use.fontawesome.com	11 KB
95	11

	Domain	Requested by
40	bonpatron.com	1 redirects bonpatron.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net bonpatron.com tpc.googlesyndication.com pagead2.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net bonpatron.com
10	pagead2.googlesyndication.com	bonpatron.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.google.com	3 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	bonpatron.com www.google-analytics.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	use.fontawesome.com	bonpatron.com
95	14

This site contains links to these domains. Also see Links.

Domain
pro.bonpatron.com
www.paypal.com
spellcheckplus.com
spanishchecker.com
apps.apple.com
play.google.com
www.facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
bonpatron.com R3	`2021-03-16` - `2021-06-14`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://bonpatron.com/
Frame ID: C62BACF47013B64B2A79779829504C2F
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/zrt_lookup.html
Frame ID: 5E799B5BDA9B3724F12AFBD6E2E5DA97
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&adk=1812271804&adf=3025194257&lmt=1617032196&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbonpatron.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617032196501&bpp=20&bdt=677&idt=86&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1272629883532&frm=20&pv=2&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=109
Frame ID: 3164E20208123F868FF1B810A4146598
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=893745953&adf=1312630476&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196521&bpp=5&bdt=698&idt=98&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=317&ady=91&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bCPnkCsKPh&p=https%3A//bonpatron.com&dtd=104
Frame ID: 51EA293542AD3E0BFE2774E5FD6BB1D9
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=600&slotname=1878074845&adk=1131064956&adf=3091666388&pi=t.ma~as.1878074845&w=206&fwrn=4&fwrnh=100&lmt=1617032196&rafmt=4&psa=0&format=206x600&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617032196526&bpp=4&bdt=702&idt=102&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1077&ady=69&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0Eg6XQwfL&p=https%3A//bonpatron.com&dtd=105
Frame ID: C53A03709ADA2A811D805B47C5D90E4A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=4213227295&adf=1653862358&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196530&bpp=1&bdt=706&idt=106&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C206x600&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PnRdIcywBC&p=https%3A//bonpatron.com&dtd=109
Frame ID: 6F7EAA95922548895F00FE38534D3A00
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 68072714E0BE7F257BC342D4E1F40057
Requests: 2 HTTP requests in this frame

Frame: https://bonpatron.com/Resources/tiny_mce.3.5.8/themes/advanced/skins/default/content.css
Frame ID: 463F9FBE83252BD00FC44578B3DC5A6C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
Frame ID: 9EE52DDBDEB3DD376F699D60EAB1D41E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: FB5E0E5489F39EE6F04171CF241A8107
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4097208668196650087/160x600_verti_v1/160x600_verti.html
Frame ID: 8A2492DF623F9D7761C22680E29FEAF3
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CE9jOBPRhYLzHJ46ox_AP_c2A6ArzgPzuYcDK6aahDdnZHhABIKGWxAdglYq4gsgHoAG_57vEA8gBCakCxX-DPRHBsz6oAwHIA0iqBKoBT9Bhi3HikrYOdLIRPOkrj7Zgz1r6aqi76_tss9byIgBcn9UoBoVkK11q3E6aWDFyxACnD7PghLZQUEnXL9mQSS_qP1hH8ahgRvBWpV4SXm9Q_7_qeal6LSyYM_EToFqQ-CtkO3NdDQeP5kddW0MduY9-AfhlFOnvBhqmJltEAgg9h425GiApD6dMxIWAShrzREJaMJ8V413qTLRyHwYBhqKLfKG2LKKwsTbABJLsreDHA5IFBAgEGAGSBQQIBRgEoAYugAfAiZUfqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEMfmE9IICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi00MDg0MjU0ODc5MzM1NTE2&sigh=wMRiReAvWVY&template_id=419&tpd=AGWhJmu6YLNV7EkxORmmqws-BcYRDKDQn7M8WcvSKTrmV1GhnA
Frame ID: 8C43AF96B7BBA9F67D71B589F97E92CD
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: CB7206773C22B09414EDE78018E1D957
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: BA5C608DFAE4E2CEA6A91E6E725064CD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bonpatron.com/ HTTP 301
https://bonpatron.com/ Page URL

Detected technologies

TinyMCE (Rich Text Editors) Expand

Overall confidence: 100%
Detected patterns

script /\/tiny_?mce(?:\.min)?\.js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

95
Requests

100 %
HTTPS

79 %
IPv6

11
Domains

14
Subdomains

13
IPs

2
Countries

883 kB
Transfer

2293 kB
Size

8
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://pro.bonpatron.com/
Title: Pro

Search URL Search Domain Scan URL

URL: https://pro.bonpatron.com/Password/
Title: forgot your password?

Search URL Search Domain Scan URL

URL: https://pro.bonpatron.com/Create/
Title: create new account

Search URL Search Domain Scan URL

URL: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=5Z2R5PDMKN7PJ&source=url

Search URL Search Domain Scan URL

URL: http://spellcheckplus.com/
Title: SpellCheckPlus

Search URL Search Domain Scan URL

URL: http://spanishchecker.com/
Title: SpanishChecker

Search URL Search Domain Scan URL

URL: https://spellcheckplus.com/
Title: SpellCheckPlus.com

Search URL Search Domain Scan URL

URL: https://spanishchecker.com/
Title: SpanishChecker.com

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/bonpatron-mobile/id441512362
Title: BonPatron Mobile

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=fr.alkeo.android.bonpatron

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/category/Community/BonPatron-118465254844524/

Search URL Search Domain Scan URL

URL: https://twitter.com/bonpatron

Search URL Search Domain Scan URL

URL: https://www.instagram.com/explore/tags/bonpatron/top/?hl=en

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bonpatron.com/ HTTP 301
https://bonpatron.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 102

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

95 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
bonpatron.com/
Redirect Chain

http://bonpatron.com/
https://bonpatron.com/

40 KB
12 KB

495ms
141ms

Document
text/html

45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 3c18efb8e9c4bf4cf891898effa3fc94a2341634c99a0fef777f0d8379cb070b

Request headers

Host: bonpatron.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:58 GMT
Server: Apache
Set-Cookie: PHPSESSID=h02r2hm9ndkqfb4p26la8c79r1; path=/; HttpOnly _email=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12156
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Mon, 29 Mar 2021 15:37:58 GMT
Server: Apache
Location: https://bonpatron.com/
Content-Length: 293
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK styles.css
bonpatron.com/Resources/mea/css/ 18 KB
5 KB 116ms
115ms Stylesheet
text/css 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/mea/css/styles.css?6
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 191c196d061a329e84520c5e4e5003a0a1886bfdfa8ea04638cff27380e97311

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Jun 2018 00:59:52 GMT
Server: Apache
ETag: "49a4-56f1c6eca83a7-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4437

GET
H/1.1 200
OK nadaclair.css
bonpatron.com/Resources/ 2 KB
1 KB 236ms
119ms Stylesheet
text/css 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/nadaclair.css?1
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 5767f3e493d7577cabb02158ed70f8f5d49d0d9d623f4582f503a5b689283883

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jun 2017 19:51:14 GMT
Server: Apache
ETag: "996-551c8a43f111d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 843

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
11 KB 359ms
357ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Origin: https://bonpatron.com
Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:36:35 GMT
content-encoding: gzip
last-modified: Wed, 20 Jun 2018 20:19:16 GMT
server: NetDNA-cache/2.2
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H/1.1 200
OK tiny_mce.js Show response
bonpatron.com/Resources/tiny_mce.3.5.8/ 226 KB
78 KB 350ms
121ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 96ede6a05435502a4b050b9c558f438343684d956daa40998055b3f82cfdd71b

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "386a5-51f5b132c0744-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK nadaclair.js Show response
bonpatron.com/Resources/ 36 KB
12 KB 353ms
118ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/nadaclair.js?4
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 5aff367c86f62ac39189f5cc2efa33c6bf5b332d9dd0a7d26b85c74affd5605b

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 Mar 2021 20:16:18 GMT
Server: Apache
ETag: "8ebf-5be8a5248a92a-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 11574

GET
H/1.1 200
OK exercises.js Show response
bonpatron.com/Resources/ 2 KB
1 KB 349ms
114ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/exercises.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: c5440ef39bcce7e68c7d3bf6225f3f5dae405415da0e21d8eeb7ced8c80538ec

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "9cd-51f5b13287d04-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1063

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
bonpatron.com/Resources/jquery/ 87 KB
31 KB 354ms
120ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/jquery/jquery-3.5.1.min.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 20:48:06 GMT
Server: Apache
ETag: "15d84-5b0a22218c00a-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 30910

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bonpatron.com
URL: https://bonpatron.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c190e2bc2e251c532f115d652d5f371831bd8fa4e483662245521c317b145c05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49683
x-xss-protection: 0
server: cafe
etag: 18222258737186682145
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 15:36:36 GMT

GET
H/1.1 200
OK icone_rvb_web3.png
bonpatron.com/Resources/mea/images/ 758 B
1 KB 125ms
123ms Image
image/png 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonpatron.com/Resources/mea/images/icone_rvb_web3.png
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: e54badb6fb58d9af5354b5707ecc7893850a43e9c153140721d59485cd756934

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "2f6-51f5b13289c44"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 758

GET
H/1.1 200
OK icone_rvb_web3.png
bonpatron.com/Resources//mea/images/ 758 B
1 KB 340ms
337ms Image
image/png 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonpatron.com/Resources//mea/images/icone_rvb_web3.png
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: e54badb6fb58d9af5354b5707ecc7893850a43e9c153140721d59485cd756934

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "2f6-51f5b13289c44"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 758

GET
H/1.1 200
OK share42.js Show response
bonpatron.com/Resources//share42/ 3 KB
2 KB 115ms
115ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources//share42/share42.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 49df8d6b2f16818af32e9c9eb6873e0cdd66b2311e2fa4ee7a664ee2e4d47224

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jun 2018 16:02:43 GMT
Server: Apache
ETag: "bb8-56f00cff824a7-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1237

GET
H/1.1 200
OK user_64.png
bonpatron.com/Resources//mea/images/icons/ 5 KB
5 KB 123ms
121ms Image
image/png 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonpatron.com/Resources//mea/images/icons/user_64.png
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 4cd8a7b2b2ea6eccba1ebc37ddd9de0169e6570fc8ff3bddb4eb09e6de090dee

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "12c0-51f5b1328abe4"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4800

GET
H/1.1 200
OK help-icon.png
bonpatron.com/Resources//mea/images/icons/ 3 KB
3 KB 183ms
181ms Image
image/png 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonpatron.com/Resources//mea/images/icons/help-icon.png
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: b0b06207be08c23e4c5d7156e832a95c15c3c60225c3a304528792a8603a8e9b

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "a1c-51f5b13289c44"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2588

GET
H/1.1 200
OK facebook.png
bonpatron.com/Resources/mea/images/ 2 KB
2 KB 412ms
410ms Image
image/png 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonpatron.com/Resources/mea/images/facebook.png
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 50fbc3fc7dbd72ea78ec27ce1f2856e6fac4bb8f6849956822c72aa72e5a277f

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Last-Modified: Thu, 14 May 2020 16:34:51 GMT
Server: Apache
ETag: "61a-5a59e46984c2a"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1562

GET
H/1.1 200
OK twitter.png
bonpatron.com/Resources/mea/images/ 2 KB
2 KB 183ms
182ms Image
image/png 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonpatron.com/Resources/mea/images/twitter.png
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: f24e14797ef8c7bdd01de9abb85d8d6871b7f1259e38fe696ddab26ea5dc8224

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Last-Modified: Thu, 14 May 2020 16:34:52 GMT
Server: Apache
ETag: "6f1-5a59e46af3f2a"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1777

GET
H/1.1 200
OK instagram.png
bonpatron.com/Resources/mea/images/ 2 KB
2 KB 170ms
115ms Image
image/png 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonpatron.com/Resources/mea/images/instagram.png
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 6f212f2ad50b8e92e77d3ad8d989902a2b962b0148599355dcb74e10851e0820

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Last-Modified: Thu, 14 May 2020 16:34:52 GMT
Server: Apache
ETag: "6d8-5a59e46af2f8a"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1752

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: bonpatron.com
URL: https://bonpatron.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4889
date: Mon, 29 Mar 2021 14:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 29 Mar 2021 16:15:07 GMT

GET
H/1.1 200
OK en.js Show response
bonpatron.com/Resources/tiny_mce.3.5.8/langs/ 6 KB
3 KB 116ms
115ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/langs/en.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 35e820dcf2bcc6818dbc5122c28b154d4e1643603e9fce7fb75f87cec4634c97

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "1973-51f5b132ba984-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2666

GET
H/1.1 200
OK editor_template.js Show response
bonpatron.com/Resources/tiny_mce.3.5.8/themes/advanced/ 26 KB
9 KB 117ms
116ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/themes/advanced/editor_template.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 15d10f7e21486a2096c7fe22c3d66f24ab8616082d35bb17ade50cf7fc0a976c

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "6874-51f5b132be804-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8774

GET
H/1.1 200
OK editor_plugin.js Show response
bonpatron.com/Resources/tiny_mce.3.5.8/plugins/print/ 492 B
620 B 117ms
117ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/plugins/print/editor_plugin.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 5a76c9d6c65468a7e0d90f849708a9e139e1cba66d4bafea022d3c3595833057

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "1ec-51f5b132bd864-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 287

GET
H/1.1 200
OK editor_plugin.js Show response
bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclairprint/ 1 KB
838 B 117ms
117ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclairprint/editor_plugin.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 32dd148576f1a74b7bb5db6e5318bab63bce3e34c8c6a0ea21e96469765ad535

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "406-51f5b132bd864-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 505

GET
H/1.1 200
OK editor_plugin.js Show response
bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclairclean/ 966 B
810 B 116ms
115ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclairclean/editor_plugin.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: e394ed54d42ecf91a3b8c794347bfbb4d2589265d17eec6a508d7a2a64e6f79b

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:37:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "3c6-51f5b132bc8c4-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 477

GET
H/1.1 200
OK editor_plugin.js Show response
bonpatron.com/Resources/tiny_mce.3.5.8/plugins/searchreplace/ 1 KB
831 B 118ms
117ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/plugins/searchreplace/editor_plugin.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: f0852b0bbe2fbc8f823c7bf3e79fc7a6f6c0117412f61badc7e151da40c2532f

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Oct 2018 15:44:19 GMT
Server: Apache
ETag: "41b-57882a8f98027-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 498

GET
H/1.1 200
OK editor_plugin.js Show response
bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclaircopy/ 920 B
787 B 116ms
115ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclaircopy/editor_plugin.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 008ec6951223783eedfc35b9842f6da48335630cd1996615bbdc30d44b2cfdb2

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "398-51f5b132bc8c4-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 454

GET
H/1.1 200
OK editor_plugin.js Show response
bonpatron.com/Resources/tiny_mce.3.5.8/plugins/paste/ 13 KB
5 KB 122ms
122ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/plugins/paste/editor_plugin.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 941a5dc6ac8df74fd7e9eba97dac0900e985fe8e92d5e1d6b57ca2f1fcd4a679

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "3530-51f5b132bd864-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5204

GET
H/1.1 200
OK editor_plugin.js Show response
bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclaircheck/ 983 B
805 B 122ms
121ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclaircheck/editor_plugin.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: c91bf9e86d69bf7c7fa7e961e65d4a7740b45a4c0861644711857f109ee3f088

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Sep 2018 13:39:44 GMT
Server: Apache
ETag: "3d7-575acb9275c27-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 472

GET
H/1.1 200
OK editor_plugin.js Show response
bonpatron.com/Resources/tiny_mce.3.5.8/plugins/fullscreen/ 4 KB
2 KB 119ms
118ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/plugins/fullscreen/editor_plugin.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 2cd674ff5b6504879645d55d65c015402feab22142cf61257535457f9dfa0a4c

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "e22-51f5b132bb924-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1324

GET
H/1.1 200
OK editor_plugin.js Show response
bonpatron.com/Resources/tiny_mce.3.5.8/plugins/wordcount/ 2 KB
1 KB 117ms
116ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/plugins/wordcount/editor_plugin.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: dde55563734a01fea51886be5237772bff913377962d6b5ba0577acfd3550a34

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "7a8-51f5b132be804-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 955

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/ 226 KB
85 KB 55ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4084254879335516&plah=bonpatron.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e845b3c43da250d2131dcca1a9af77bdaca1b61f1215be6317f2d5f17f999e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86619
x-xss-protection: 0
server: cafe
etag: 10759459106970592627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 15:36:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/ Frame 5E79 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210322/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bonpatron.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bonpatron.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 29 Mar 2021 02:55:27 GMT
expires: Mon, 12 Apr 2021 02:55:27 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 45669
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
64 B 20ms
19ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=1120479232&t=pageview&_s=1&dl=https%3A%2F%2Fbonpatron.com%2F&ul=en-us&de=UTF-8&dt=%22BonPatron%22%20Online%20Spelling%20and%20Grammar%20Checker%20for%20French%20as%20a%20Second%20Language&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1351406591&gjid=614035053&cid=593399063.1617032197&tid=UA-161344-3&_gid=1636988564.1617032197&_r=1&_slc=1&z=1651443158

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Mar 2021 15:36:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bonpatron.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
642 B 145ms
66ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bonpatron.com&callback=_gfp_s_&client=ca-pub-4084254879335516

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4084254879335516&plah=bonpatron.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

bd1e5bb9db4f7939f08261273a403ef4f605d8db7b6958be40d4abfdfc072e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 40ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bonpatron.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Mar 2021 15:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 41ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bonpatron.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Mar 2021 15:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3164 54 B
317 B 60ms
59ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&adk=1812271804&adf=3025194257&lmt=1617032196&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbonpatron.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617032196501&bpp=20&bdt=677&idt=86&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1272629883532&frm=20&pv=2&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=109

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4084254879335516&output=html&adk=1812271804&adf=3025194257&lmt=1617032196&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbonpatron.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617032196501&bpp=20&bdt=677&idt=86&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1272629883532&frm=20&pv=2&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=109
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bonpatron.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bonpatron.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 29 Mar 2021 15:36:36 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 29-Mar-2021 15:51:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 29 Mar 2021 15:36:36 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cac02e231c61068da6a4e6c177f2ccd14a5360aa3509af3be992bfbbad0c127b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616585787019197"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28245
x-xss-protection: 0
expires: Mon, 29 Mar 2021 15:36:36 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 51EA 52 KB
20 KB 377ms
376ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=893745953&adf=1312630476&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196521&bpp=5&bdt=698&idt=98&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=317&ady=91&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bCPnkCsKPh&p=https%3A//bonpatron.com&dtd=104

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e9fc180df40a27ddb0015247c4faa610c8e2b5eaf304cab23a1a3148531c05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=893745953&adf=1312630476&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196521&bpp=5&bdt=698&idt=98&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=317&ady=91&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bCPnkCsKPh&p=https%3A//bonpatron.com&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bonpatron.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bonpatron.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 29 Mar 2021 15:36:36 GMT
server: cafe
content-length: 20153
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 29-Mar-2021 15:51:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 29 Mar 2021 15:36:36 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C53A 106 KB
33 KB 613ms
612ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=600&slotname=1878074845&adk=1131064956&adf=3091666388&pi=t.ma~as.1878074845&w=206&fwrn=4&fwrnh=100&lmt=1617032196&rafmt=4&psa=0&format=206x600&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617032196526&bpp=4&bdt=702&idt=102&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1077&ady=69&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0Eg6XQwfL&p=https%3A//bonpatron.com&dtd=105

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3906bdf5815301877a2d32e56c2b9b41286a5b3d6caa2b47af0a70ba2c29f98d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4097208668196650087/160x600_verti_v1/160x600_verti.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4097208668196650087/160x600_verti_v1/160x600_verti.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLzZr63q1e8CFQ7UEQgd_SYArQ&gqi=BPRhYJKPJ62j7_UPmcC2qAg&layout=/sadbundle/%24csp%253Der3%24/4097208668196650087/160x600_verti_v1/160x600_verti.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4084254879335516&output=html&h=600&slotname=1878074845&adk=1131064956&adf=3091666388&pi=t.ma~as.1878074845&w=206&fwrn=4&fwrnh=100&lmt=1617032196&rafmt=4&psa=0&format=206x600&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617032196526&bpp=4&bdt=702&idt=102&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1077&ady=69&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0Eg6XQwfL&p=https%3A//bonpatron.com&dtd=105
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bonpatron.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bonpatron.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4097208668196650087/160x600_verti_v1/160x600_verti.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4097208668196650087/160x600_verti_v1/160x600_verti.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLzZr63q1e8CFQ7UEQgd_SYArQ&gqi=BPRhYJKPJ62j7_UPmcC2qAg&layout=/sadbundle/%24csp%253Der3%24/4097208668196650087/160x600_verti_v1/160x600_verti.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 29 Mar 2021 15:36:37 GMT
server: cafe
content-length: 32959
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 29-Mar-2021 15:51:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 29 Mar 2021 15:36:37 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6F7E 55 KB
14 KB 527ms
526ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=4213227295&adf=1653862358&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196530&bpp=1&bdt=706&idt=106&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C206x600&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PnRdIcywBC&p=https%3A//bonpatron.com&dtd=109

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3afdddee231a9899354f7ba00f07bc13aa43353f20a8173cf225962539ce7bd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=4213227295&adf=1653862358&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196530&bpp=1&bdt=706&idt=106&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C206x600&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PnRdIcywBC&p=https%3A//bonpatron.com&dtd=109
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bonpatron.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bonpatron.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 29 Mar 2021 15:36:37 GMT
server: cafe
content-length: 13953
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 29-Mar-2021 15:51:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 29 Mar 2021 15:36:37 GMT
cache-control: private

GET
H/1.1 200
OK en.js Show response
bonpatron.com/Resources/tiny_mce.3.5.8/themes/advanced/langs/ 2 KB
1 KB 115ms
114ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/themes/advanced/langs/en.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 87fa99a1ecfaa4d46a57f68867536706d245a46eb2151e6cf48a3f46f7ac9e1c

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "925-51f5b132bf7a4-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1056

GET
H/1.1 200
OK en.js Show response
bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclairprint/langs/ 108 B
439 B 125ms
124ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclairprint/langs/en.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 6a8fd21c578cf293aefda530ae19da0d434a4cc99167fbef9c0940dcc1b0a89f

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "6c-51f5b132bd864-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 107

GET
H/1.1 200
OK en.js Show response
bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclairclean/langs/ 110 B
457 B 115ms
115ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclairclean/langs/en.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: bb9af62396d4d0125a54a0f4d60bdb0f6064848be80a21bc6256055eac655899

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "6e-51f5b132bc8c4-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 125

GET
H/1.1 200
OK en.js Show response
bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclaircopy/langs/ 158 B
483 B 116ms
116ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclaircopy/langs/en.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 3e110cc930c7c0cd8d057063b312f186127c173b404ac86da223a12d12c9c0b2

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "9e-51f5b132bd864-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 151

GET
H/1.1 200
OK en.js Show response
bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclaircheck/langs/ 66 B
345 B 116ms
115ms Script
application/javascript 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclaircheck/langs/en.js
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 01ca42bf058d0373871d6467850c8dc514f3997bb880f8f6e8186d820dd754db

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "42-51f5b132bc8c4"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 66

GET
H2 200 7186960138568255496
tpc.googlesyndication.com/simgad/ Frame 51EA 7 KB
7 KB 48ms
19ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7186960138568255496?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlG8Vd-Ht_kxw8CHIDWDzcFlt8Y5Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=893745953&adf=1312630476&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196521&bpp=5&bdt=698&idt=98&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=317&ady=91&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bCPnkCsKPh&p=https%3A//bonpatron.com&dtd=104

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f20c6171c10240485f8f26b3c4826ae784bfc4c1bf0024d59b0fc6749e36792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 08:02:27 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Feb 2021 20:48:44 GMT
server: sffe
age: 200050
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7326
x-xss-protection: 0
expires: Sun, 27 Mar 2022 08:02:27 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/ Frame 51EA 17 KB
7 KB 39ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 14491782869175424788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 15:33:20 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 51EA 2 KB
1 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:32:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 15:32:41 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 51EA 118 KB
36 KB 39ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e705dfac9d3d11ae87071979b2bbb52db73d03fff6252c1b73ce5b3c7ebb6e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616585768493349"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36563
x-xss-protection: 0
expires: Mon, 29 Mar 2021 15:36:37 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 51EA 12 KB
5 KB 37ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5520
x-xss-protection: 0
server: cafe
etag: 4598867394938533942
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 15:36:21 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 51EA 24 KB
10 KB 42ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bc5cdc982210fa5f543ec21cb32c7246c3226cc4d48a525248df920af7eb107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 13:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10339
x-xss-protection: 0
server: cafe
etag: 15412717976415995934
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 13:22:10 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 51EA 0
0 47ms
45ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAHA3BPRhYLSOJ6q3x_AP4_SW-AXDnpSbYYjNw8LwDLzF6-HjIRABIKGWxAdglYq4gsgHoAH_24rIA8gBAqgDAcgDyQSqBKMBT9CmAKtOQincB-bO9-ROm8hWRclXSyy1poCtjgm_ms-3H0iwRl1JqZwFN3C6Cdm4SgtyKE1iS7eUbOp1Xx3w33BSOgWDV4kiHpiuD795kcghRcT1JRYHhwqUfYk9tP4MwhtW3Jslu2bmJjGqzALfWsZhd5vsU3EaGbYGU9EYfTDQq2pH2nA1Nr970fXcCqR8CkKc8XtBi7p8FCoGWiOY8aRYvcAE0dnGmbMDkgUECAQYAZIFBAgFGASgBgKAB_DurKICqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJz1FtIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi00MDg0MjU0ODc5MzM1NTE2&sigh=_nlMwMhlGVk&tpd=AGWhJmu3HSJT8utVHx_-ywr46zZ_RKe36LxFY5-LMfzi0Oo0iA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=893745953&adf=1312630476&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196521&bpp=5&bdt=698&idt=98&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=317&ady=91&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bCPnkCsKPh&p=https%3A//bonpatron.com&dtd=104
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 29 Mar 2021 15:36:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 29 Mar 2021 15:36:37 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6807 143 B
216 B 7ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=893745953&adf=1312630476&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196521&bpp=5&bdt=698&idt=98&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=317&ady=91&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bCPnkCsKPh&p=https%3A//bonpatron.com&dtd=104
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=893745953&adf=1312630476&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196521&bpp=5&bdt=698&idt=98&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=317&ady=91&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bCPnkCsKPh&p=https%3A//bonpatron.com&dtd=104

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 29 Mar 2021 14:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3311
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 51EA 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bfd822d794c0b84a9046fbd37a6bad8ff24fc128b595cec280b21ab3deb831d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ui.css
bonpatron.com/Resources/tiny_mce.3.5.8/themes/advanced/skins/default/ 16 KB
3 KB 116ms
116ms Stylesheet
text/css 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/themes/advanced/skins/default/ui.css
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: a5fccafd3dfe888d109262a50041b6fe43b142de53d83f14905bb4649122654f

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "3e57-51f5b132bf7a4-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2989

GET
H/1.1 200
OK content.css
bonpatron.com/Resources/tiny_mce.3.5.8/themes/advanced/skins/default/ Frame 463F 3 KB
1 KB 115ms
115ms Stylesheet
text/css 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/themes/advanced/skins/default/content.css
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: da419ff6d29c6f8e058c647c8a9e10f3c9ef9f17050a5de9e3bab53f6d6942de

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "a2f-51f5b132bf7a4-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 991

GET
H/1.1 200
OK nadaclair.css
bonpatron.com/Resources/ Frame 463F 2 KB
1 KB 116ms
115ms Stylesheet
text/css 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bonpatron.com/Resources/nadaclair.css
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/tiny_mce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 5767f3e493d7577cabb02158ed70f8f5d49d0d9d623f4582f503a5b689283883

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jun 2017 19:51:14 GMT
Server: Apache
ETag: "996-551c8a43f111d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 843

GET
H/1.1 200
OK nayt-check.png
bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclaircheck/images/ 5 KB
6 KB 117ms
116ms Image
image/png 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclaircheck/images/nayt-check.png
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 8d081b7b0589072f473082b8833f7538d237c545eda8f69ba27d64137d785650

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Last-Modified: Wed, 12 Sep 2018 13:38:07 GMT
Server: Apache
ETag: "15f1-575acb36210a7"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 5617

GET
H/1.1 200
OK copytext.gif
bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclaircopy/images/ 375 B
643 B 114ms
113ms Image
image/gif 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclaircopy/images/copytext.gif
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: a871c477bcd6294dcffc367bd196ea89b2817a6549e8c76498645b9b71312a10

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "177-51f5b132bd864"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 375

GET
H/1.1 200
OK clean.gif
bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclairclean/images/ 256 B
524 B 115ms
114ms Image
image/gif 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclairclean/images/clean.gif
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 55e6957bae139612888b321bce4e16c077994a45e378703dbea590f77ff0b031

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "100-51f5b132bc8c4"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 256

GET
H/1.1 200
OK printtext.gif
bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclairprint/images/ 286 B
554 B 202ms
115ms Image
image/gif 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/plugins/nadaclairprint/images/printtext.gif
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: ddd1b4b589bc03241e007d1d785ca0316276f9efd0c9827bd4f8bdc651b195a7

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "11e-51f5b132bd864"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 286

GET
H2 200 css
fonts.googleapis.com/ Frame 6F7E 3 KB
687 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=4213227295&adf=1653862358&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196530&bpp=1&bdt=706&idt=106&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C206x600&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PnRdIcywBC&p=https%3A//bonpatron.com&dtd=109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 29 Mar 2021 15:31:31 GMT
server: ESF
date: Mon, 29 Mar 2021 15:36:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Mar 2021 15:36:37 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6807
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

39ms
38ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlZlL2aVZFCXO9VycknukZdv8ts0SxAjrdrXeQDKiQXPlxpnJBv3MmSq0AEkVg; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 29 Mar 2021 15:36:37 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 29-Mar-2021 16:36:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 29 Mar 2021 15:36:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 29 Mar 2021 15:36:37 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 6F7E 1 KB
979 B 36ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=4213227295&adf=1653862358&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196530&bpp=1&bdt=706&idt=106&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C206x600&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PnRdIcywBC&p=https%3A//bonpatron.com&dtd=109

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 15:32:52 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/ Frame 6F7E 17 KB
7 KB 36ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=4213227295&adf=1653862358&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196530&bpp=1&bdt=706&idt=106&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C206x600&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PnRdIcywBC&p=https%3A//bonpatron.com&dtd=109

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 14491782869175424788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 15:33:20 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 6F7E 2 KB
2 KB 31ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=4213227295&adf=1653862358&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196530&bpp=1&bdt=706&idt=106&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C206x600&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PnRdIcywBC&p=https%3A//bonpatron.com&dtd=109

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:32:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 15:32:41 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F7E 118 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=4213227295&adf=1653862358&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196530&bpp=1&bdt=706&idt=106&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C206x600&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PnRdIcywBC&p=https%3A//bonpatron.com&dtd=109

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e705dfac9d3d11ae87071979b2bbb52db73d03fff6252c1b73ce5b3c7ebb6e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616585768493349"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36563
x-xss-protection: 0
expires: Mon, 29 Mar 2021 15:36:37 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 6F7E 12 KB
5 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=4213227295&adf=1653862358&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196530&bpp=1&bdt=706&idt=106&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C206x600&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PnRdIcywBC&p=https%3A//bonpatron.com&dtd=109

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5520
x-xss-protection: 0
server: cafe
etag: 4598867394938533942
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 15:36:21 GMT

GET
H2 200 0d892f21276454e9a338c8a4ad11a214.js Show response
www.gstatic.com/mysidia/ Frame 6F7E 24 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d892f21276454e9a338c8a4ad11a214.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=4213227295&adf=1653862358&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196530&bpp=1&bdt=706&idt=106&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C206x600&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PnRdIcywBC&p=https%3A//bonpatron.com&dtd=109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8687e90791df4582658ad44eb7a20b332e8593811f9ae96d5b1a37b6086953ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 07:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 23:49:33 GMT
server: sffe
age: 29220
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10348
x-xss-protection: 0
expires: Sun, 27 Jun 2021 07:29:37 GMT

GET
H3-Q050 200 qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js Show response
pagead2.googlesyndication.com/bg/ Frame 9EE5 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 08:18:52 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 26265
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5666
x-xss-protection: 0
expires: Tue, 29 Mar 2022 08:18:52 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6F7E 0
0 46ms
42ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFwrDBPRhYKuEKJnvgAej8afwBsH9nfZh7JazubYNnb6G0PwJEAEgoZbEB2CViriCyAegAeSTz90DyAEBqQK8rBzMr76zPqgDAaoEsQFP0EV43a4-NW5s_35_PZfsY2tgLCxTWZ_TaGjsTThhpiQKTQ8uKMRl8Vb4-mz7448NMf-qAusePfujLcFpkxASewtFfYVUr6Lq7_HEQP2HX8fOnV_PZAu2IeXWF2397VDguAau6o-Kekb7WGvoAuP90dFbvVnH8bCqnnbO07T6nWdHRW5pkUvqCMWSu_qZyy8ZuG44LebCZRH67xwo4MKwH4tObQjzk-NdofJWcoygyiDABOark9WzA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAeE7LAiqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEKu4ENIICQiA4YAQEAEYH4AKAcgLAdgTArIXGgoYCAASFHB1Yi00MDg0MjU0ODc5MzM1NTE2&sigh=2qr6FJFsHfM&template_id=5001&tpd=AGWhJmvMrwDkepNW2A3p4YlZ0_NdleL6VyK8YXELsr5F4BNpVw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=4213227295&adf=1653862358&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196530&bpp=1&bdt=706&idt=106&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C206x600&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PnRdIcywBC&p=https%3A//bonpatron.com&dtd=109

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=4213227295&adf=1653862358&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196530&bpp=1&bdt=706&idt=106&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C206x600&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PnRdIcywBC&p=https%3A//bonpatron.com&dtd=109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 29 Mar 2021 15:36:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5592514381600427306/ Frame 6F7E 2 KB
2 KB 22ms
19ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5592514381600427306/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=4213227295&adf=1653862358&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196530&bpp=1&bdt=706&idt=106&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C206x600&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PnRdIcywBC&p=https%3A//bonpatron.com&dtd=109

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517b8afd8bbc7d31a000f6d449ac110e5c95a8c97b2429f3aaa4698a6f5657fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 19:25:39 GMT
x-content-type-options: nosniff
age: 418258
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1845
x-xss-protection: 0
last-modified: Tue, 25 Feb 2020 13:06:07 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Mar 2022 19:25:39 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB5E 143 B
165 B 6ms
5ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=4213227295&adf=1653862358&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196530&bpp=1&bdt=706&idt=106&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C206x600&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PnRdIcywBC&p=https%3A//bonpatron.com&dtd=109

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=4213227295&adf=1653862358&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196530&bpp=1&bdt=706&idt=106&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C206x600&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PnRdIcywBC&p=https%3A//bonpatron.com&dtd=109
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlZlL2aVZFCXO9VycknukZdv8ts0SxAjrdrXeQDKiQXPlxpnJBv3MmSq0AEkVg; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=4213227295&adf=1653862358&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196530&bpp=1&bdt=706&idt=106&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C206x600&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PnRdIcywBC&p=https%3A//bonpatron.com&dtd=109

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 29 Mar 2021 14:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3311
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6F7E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56241dc55f3a2e0d9117a9d1f0f55f51b951ff30cdad3ae90fd1eb81d3c6682f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK icons.gif
bonpatron.com/Resources/tiny_mce.3.5.8/themes/advanced/img/ 12 KB
12 KB 116ms
115ms Image
image/gif 45.55.37.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/themes/advanced/img/icons.gif
Requested by: Host: bonpatron.com
URL: https://bonpatron.com/Resources/tiny_mce.3.5.8/themes/advanced/skins/default/ui.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.37.23 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nadaclair.com
Software: Apache /
Resource Hash: 5372ecca928934f77e52baec29d6d48b98f4de31384d7c3bc25daffc55f3cae2

Request headers

Referer: https://bonpatron.com/Resources/tiny_mce.3.5.8/themes/advanced/skins/default/ui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:38:00 GMT
Last-Modified: Thu, 10 Sep 2015 02:08:27 GMT
Server: Apache
ETag: "2ece-51f5b132bf7a4"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 11982

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 6F7E 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 12:53:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 528190
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Wed, 23 Mar 2022 12:53:27 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 6F7E 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 05:29:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 295603
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Sat, 26 Mar 2022 05:29:54 GMT

GET
H3-Q050 200 160x600_verti.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4097208668196650087/160x600_verti_v1/ Frame 8A24 219 KB
137 KB 10ms
9ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4097208668196650087/160x600_verti_v1/160x600_verti.html

Requested by

Host: bonpatron.com
URL: https://bonpatron.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79a4988a0526dedc75517e8253eb290bd42c2622d95d9cf04615660dfd27f093

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/4097208668196650087/160x600_verti_v1/160x600_verti.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 29 Mar 2021 07:56:22 GMT
expires: Tue, 29 Mar 2022 07:56:22 GMT
last-modified: Thu, 11 Feb 2021 15:35:49 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 138433
age: 27615
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8C43 0
0 48ms
46ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CE9jOBPRhYLzHJ46ox_AP_c2A6ArzgPzuYcDK6aahDdnZHhABIKGWxAdglYq4gsgHoAG_57vEA8gBCakCxX-DPRHBsz6oAwHIA0iqBKoBT9Bhi3HikrYOdLIRPOkrj7Zgz1r6aqi76_tss9byIgBcn9UoBoVkK11q3E6aWDFyxACnD7PghLZQUEnXL9mQSS_qP1hH8ahgRvBWpV4SXm9Q_7_qeal6LSyYM_EToFqQ-CtkO3NdDQeP5kddW0MduY9-AfhlFOnvBhqmJltEAgg9h425GiApD6dMxIWAShrzREJaMJ8V413qTLRyHwYBhqKLfKG2LKKwsTbABJLsreDHA5IFBAgEGAGSBQQIBRgEoAYugAfAiZUfqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEMfmE9IICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi00MDg0MjU0ODc5MzM1NTE2&sigh=wMRiReAvWVY&template_id=419&tpd=AGWhJmu6YLNV7EkxORmmqws-BcYRDKDQn7M8WcvSKTrmV1GhnA

Requested by

Host: bonpatron.com
URL: https://bonpatron.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=600&slotname=1878074845&adk=1131064956&adf=3091666388&pi=t.ma~as.1878074845&w=206&fwrn=4&fwrnh=100&lmt=1617032196&rafmt=4&psa=0&format=206x600&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617032196526&bpp=4&bdt=702&idt=102&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1077&ady=69&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0Eg6XQwfL&p=https%3A//bonpatron.com&dtd=105
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 29 Mar 2021 15:36:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/ Frame 8C43 17 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=600&slotname=1878074845&adk=1131064956&adf=3091666388&pi=t.ma~as.1878074845&w=206&fwrn=4&fwrnh=100&lmt=1617032196&rafmt=4&psa=0&format=206x600&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617032196526&bpp=4&bdt=702&idt=102&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1077&ady=69&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0Eg6XQwfL&p=https%3A//bonpatron.com&dtd=105

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 14491782869175424788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 15:33:20 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 8C43 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:32:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 15:32:41 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C43 118 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e705dfac9d3d11ae87071979b2bbb52db73d03fff6252c1b73ce5b3c7ebb6e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616585768493349"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36563
x-xss-protection: 0
expires: Mon, 29 Mar 2021 15:36:37 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 8C43 12 KB
5 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5520
x-xss-protection: 0
server: cafe
etag: 4598867394938533942
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 15:36:21 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB5E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

41ms
40ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=90&slotname=5159351672&adk=4213227295&adf=1653862358&pi=t.ma~as.5159351672&w=728&lmt=1617032196&psa=0&format=728x90&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&wgl=1&dt=1617032196530&bpp=1&bdt=706&idt=106&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C206x600&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PnRdIcywBC&p=https%3A//bonpatron.com&dtd=109

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlZlL2aVZFCXO9VycknukZdv8ts0SxAjrdrXeQDKiQXPlxpnJBv3MmSq0AEkVg; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 29 Mar 2021 15:36:37 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 29-Mar-2021 16:36:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 29 Mar 2021 15:36:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 29 Mar 2021 15:36:37 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 8A24 9 KB
3 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4097208668196650087/160x600_verti_v1/160x600_verti.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 30 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8A24 22 KB
9 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4097208668196650087/160x600_verti_v1/160x600_verti.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 30 Mar 2021 13:07:30 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CB72 143 B
165 B 22ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=600&slotname=1878074845&adk=1131064956&adf=3091666388&pi=t.ma~as.1878074845&w=206&fwrn=4&fwrnh=100&lmt=1617032196&rafmt=4&psa=0&format=206x600&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617032196526&bpp=4&bdt=702&idt=102&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1077&ady=69&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0Eg6XQwfL&p=https%3A//bonpatron.com&dtd=105
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlZlL2aVZFCXO9VycknukZdv8ts0SxAjrdrXeQDKiQXPlxpnJBv3MmSq0AEkVg; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4084254879335516&output=html&h=600&slotname=1878074845&adk=1131064956&adf=3091666388&pi=t.ma~as.1878074845&w=206&fwrn=4&fwrnh=100&lmt=1617032196&rafmt=4&psa=0&format=206x600&url=https%3A%2F%2Fbonpatron.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617032196526&bpp=4&bdt=702&idt=102&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1272629883532&frm=20&pv=1&ga_vid=593399063.1617032197&ga_sid=1617032197&ga_hid=1120479232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1077&ady=69&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21066429%2C44740079%2C44739387&oid=3&pvsid=3853451327126640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v0Eg6XQwfL&p=https%3A//bonpatron.com&dtd=105

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 29 Mar 2021 14:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3311
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8C43 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45441e3493ba24beddac610ea4341235dab6353bf1df778d258be7b276a99000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8A24 11 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da9ce278044df979a011f2d1adf5e74d76a02fc11eb1f723d66252a7e693bfaf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8A24 10 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81f0414c798e409e316df766bcc57d41e31c023b800a07cd6c0a5f6779791448

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8A24 38 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0502e9eb7df078215a0037d2439a0671f59b704b8988be98c9770c2d6a46bac

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8A24 40 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efe772a69c62313291856d13a649cb87409e416d270e94467832757f379d3b11

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8A24 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e38b592b7c307ca433f8250e28f030ed752d9ba5cf1137ea31a5ac090226e6c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8A24 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78ed2ccc602358b3d52ecba62ad03baa696af2894d6a31a6117ba6f5b5edce18

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8A24 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b18c0fcd1870733cb1afcb2bdea239d9fad918ba82ff7f007c03fda8373b4207

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8A24 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cba6793b4b962e5657cd0c2a30a9ad07b97d3ecd8ac7f2e359c4432ec95ffae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8A24 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96efd807b8b97b13157ee5605c6b213d9230a6f64bc618c5eada03eb8bd6dc68

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8A24 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c6f52d03b54283103453776491ee279dea768bad78f749bbc5eaa6cf5f36c61

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8A24 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e48c20b3cd137e13cc58ed8f202eb64a4df27b1dd292266ee82ac928b8d86d83

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8A24 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 469de782c81f0704f09dc8045efcf2ac0b98775b151b7a7c63ed5dd0cbc263cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8A24 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0070b8cd1dcfde4e7f72dd66ab6b12f03db96fee6a707adfbf1ad8690e8e25cb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8A24 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b427fd2cd21cc7ce311a8ee590747adcd9d0db88e083ec589a7016ae26d069b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 53ms
39ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210322&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd4776021a08f9133e2a4ca1699529cd81ab3510cba79e3db9bf48ef35e3315d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Mar 2021 15:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6669
x-xss-protection: 0

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CB72
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

39ms
38ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlZlL2aVZFCXO9VycknukZdv8ts0SxAjrdrXeQDKiQXPlxpnJBv3MmSq0AEkVg; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 29 Mar 2021 15:36:37 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 29-Mar-2021 16:36:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 29 Mar 2021 15:36:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 29 Mar 2021 15:36:37 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A24 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 08:18:52 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 26265
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5666
x-xss-protection: 0
expires: Tue, 29 Mar 2022 08:18:52 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 29 Mar 2021 15:36:37 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame BA5C 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bonpatron.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bonpatron.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 29 Mar 2021 15:30:11 GMT
expires: Tue, 29 Mar 2022 15:30:11 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 386
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js Show response
pagead2.googlesyndication.com/bg/ Frame BA5C 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 08:18:52 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 26265
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5666
x-xss-protection: 0
expires: Tue, 29 Mar 2022 08:18:52 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
202 B 41ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210322&jk=3853451327126640&bg=!urmluf3NAAbUo7L91KM7ACkAdvg8WlMmCwrh_dePZf-NKGtOrk0bUS05XysPSrp5AkWC4s9Mg8VcvgIAAAB-UgAAAA1oAQcKAWdT8oPH-j7ifziCg9QeR8SAghhAhLnKlTwx8Y_s0lqgPpxWxfSXvZXlGSDHabPZf6RytYY9hd-kregL5OFMjjA4u2y0zTfabQEDFwE_Ta-V_dF9lzt3zOh0yU-8sVTiQm2gYK0Wy7f0r9c5gtdt06zaynl_u6smjq_L0DqH9R8nUfOp_IAJziwk75-OFKrIAU-NOrgwH6PWU3k2MKQnCL38R5VNY0TfztgVtINaxovsWX-gATXMdHp1hcmKK2bPRMKdfCtcETXJVgHQNgqYXCytmu5Ska6fSUD91HxolQEm2piqah1PO8qNlNK7jRAVZNhWB3N8fNo_6hfn2QRQAOAM23mt3uFTi0tkVL2Ehb6QE2wEjSsG8rJr5b0rp05vo5iUQmoY96oF80BeYmzSkS3-OVRo-kAJMqdqYpa77homt6d_w0u0SClQEY0v_fJTwvARuSYPc23L8nGyBPyP-QZVu81c5RWaxpkBzHK3aYbmZR3M29jJwKUxa45DLznnZm4rTRYcrXY5qmDbbYQsunTR6dU5boKTFAAnumTC7uuYz-t31rI9zUTbuRhM4cN8C_ludEEM5H5NTSZV1AW4G8eNosCeInw6NDuQhe0FBgrrk7J4cuIXLIUtPles9TDqnFCGrEQQHHeJZye9mJ0ZPRXvev66xDiFmlDsrQd_2pmlltOAIhOwdedCAtRR2wEyzq5gKxDDDQ4nkYTOrTsSHaxkh0GdQkGu93EK0L8W2zNvkcEitZfbXmArp6sBDJXYB9wddP1OfknbxJF7UPY8kJyrycb6aH1EbwM9jpHeHNCZ5n2ZjtKDfdc1UJrfzTw6TMyAls38VjnJm4YcRbIulLifFlKUVKpWqMlFQ2CZO-xwVQJSutQc-akXrqoDycrXK2FqzmPGKOYWkAd4vFvwKapJOYADK78NgtIhhjL3W_WzfzYar1rale4uInqlVB9Cw8cxmUysBRM9yYsdC5Er7F15ftFbjauWL-giTFOt_-sr2I9jgGzMTj4bL4GcMQ9fBc3U2iQYGH88l2_ihCGb1VV1TzzeUDB9r-Ku1ETe0esNxGuSxVCMSfWCnjPcUSsuAq3blvxYFMo

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bonpatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Mar 2021 15:36:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 51EA 42 B
155 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxsrQ3QrTVBBrM0aNZhCmZI0WXlLJcFuH5WkR-aiBofzfArb4mRx89cgP5u4btWhlFm4SsD0ICCvqlHZ9BvKiwZlBvmz8mtmCAxTNPA3WCN_SN8uSgOrnBaY5Rwg&sai=AMfl-YSRFlM_XO5TRAq-Yh-ducgZWDVKM_fjiI9zfCHJ1W0Z7veV8f84khedqXFCQjiNosOb5M1ibdnEABEj&sig=Cg0ArKJSzItc9p8kDjoHEAE&id=osdim&mcvt=1001&p=91,317,181,1045&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210324&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=893745953&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617032196628&dlt=379&rpt=55&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Mar 2021 15:36:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6F7E 42 B
66 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFXSf4Qgcd4dZTnTa5JeYrvHtq1m7Qgk5RPEmiReq-1pAz1V7YpKH8uZb_sWJj95QHsHfxX8jfAIwQ9v2QyAb0SIU68zf9v5t3EjiXF0d-BH17siWe4szyxCb7TQ&sai=AMfl-YRPmVJDvVnStYlVyPjyvGQWedszoC0E-d1jhCaKr2BNesPY4bUZKrSf6nyqOQNtgu82jtCi0k8vi6UO&sig=Cg0ArKJSzDgGKHHY50c7EAE&id=osdim&mcvt=1000&p=512,325,602,1053&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210324&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4213227295&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617032196641&dlt=551&rpt=55&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Mar 2021 15:36:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8C43 42 B
66 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfcbfuhLFoUiXoKTL1sP9_MEbi58aHG8E0BAWJo2r-tvRewdkm74XibHBMO6IuLMr72jHixouRPUO8RwKA7AIdrYsgHQyIgjsjepDserbVSycAY6PRemZeFnNTOw&sai=AMfl-YR2C4gh5PnVfFoLR2GkiGUoMWUpgIKAOQ7b-ZPSD3OPeGKdFiLfpg5cpJxlegU1LuAjfSvBH96cFLXU&sig=Cg0ArKJSzEzOB59kUuNTEAE&id=osdim&mcvt=1000&p=69,1077,669,1237&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210324&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1131064956&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617032196635&dlt=810&rpt=58&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Mar 2021 15:36:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:10:33	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-19 17:10:35	Name: DSID Value: NO_DATA
.bonpatron.com/	1970-01-19 17:10:32	Name: _gat Value: 1
.bonpatron.com/	1970-01-19 17:11:58	Name: _gid Value: GA1.2.1636988564.1617032197
.bonpatron.com/	1970-01-20 10:41:44	Name: _ga Value: GA1.2.593399063.1617032197
.doubleclick.net/	1970-01-20 02:32:08	Name: IDE Value: AHWqTUlZlL2aVZFCXO9VycknukZdv8ts0SxAjrdrXeQDKiQXPlxpnJBv3MmSq0AEkVg
.bonpatron.com/	1970-01-20 02:32:08	Name: __gads Value: ID=45bd22ae0067b01b-22296872e7ba0058:T=1617032196:RT=1617032196:S=ALNI_MaFw_R-ZWfYDgjWcMQ6cDZ9ocdUAA
bonpatron.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: h02r2hm9ndkqfb4p26la8c79r1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bonpatron.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.185.130
23.111.9.35
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:812::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
45.55.37.23
0070b8cd1dcfde4e7f72dd66ab6b12f03db96fee6a707adfbf1ad8690e8e25cb
008ec6951223783eedfc35b9842f6da48335630cd1996615bbdc30d44b2cfdb2
01ca42bf058d0373871d6467850c8dc514f3997bb880f8f6e8186d820dd754db
0e9fc180df40a27ddb0015247c4faa610c8e2b5eaf304cab23a1a3148531c05f
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
15d10f7e21486a2096c7fe22c3d66f24ab8616082d35bb17ade50cf7fc0a976c
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
191c196d061a329e84520c5e4e5003a0a1886bfdfa8ea04638cff27380e97311
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
2c6f52d03b54283103453776491ee279dea768bad78f749bbc5eaa6cf5f36c61
2cd674ff5b6504879645d55d65c015402feab22142cf61257535457f9dfa0a4c
32dd148576f1a74b7bb5db6e5318bab63bce3e34c8c6a0ea21e96469765ad535
35e820dcf2bcc6818dbc5122c28b154d4e1643603e9fce7fb75f87cec4634c97
3906bdf5815301877a2d32e56c2b9b41286a5b3d6caa2b47af0a70ba2c29f98d
3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2
3afdddee231a9899354f7ba00f07bc13aa43353f20a8173cf225962539ce7bd0
3c18efb8e9c4bf4cf891898effa3fc94a2341634c99a0fef777f0d8379cb070b
3cba6793b4b962e5657cd0c2a30a9ad07b97d3ecd8ac7f2e359c4432ec95ffae
3e110cc930c7c0cd8d057063b312f186127c173b404ac86da223a12d12c9c0b2
3f20c6171c10240485f8f26b3c4826ae784bfc4c1bf0024d59b0fc6749e36792
45441e3493ba24beddac610ea4341235dab6353bf1df778d258be7b276a99000
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
469de782c81f0704f09dc8045efcf2ac0b98775b151b7a7c63ed5dd0cbc263cc
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
49df8d6b2f16818af32e9c9eb6873e0cdd66b2311e2fa4ee7a664ee2e4d47224
4cd8a7b2b2ea6eccba1ebc37ddd9de0169e6570fc8ff3bddb4eb09e6de090dee
4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288
50fbc3fc7dbd72ea78ec27ce1f2856e6fac4bb8f6849956822c72aa72e5a277f
517b8afd8bbc7d31a000f6d449ac110e5c95a8c97b2429f3aaa4698a6f5657fc
5372ecca928934f77e52baec29d6d48b98f4de31384d7c3bc25daffc55f3cae2
55e6957bae139612888b321bce4e16c077994a45e378703dbea590f77ff0b031
56241dc55f3a2e0d9117a9d1f0f55f51b951ff30cdad3ae90fd1eb81d3c6682f
5767f3e493d7577cabb02158ed70f8f5d49d0d9d623f4582f503a5b689283883
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5a76c9d6c65468a7e0d90f849708a9e139e1cba66d4bafea022d3c3595833057
5aff367c86f62ac39189f5cc2efa33c6bf5b332d9dd0a7d26b85c74affd5605b
5bfd822d794c0b84a9046fbd37a6bad8ff24fc128b595cec280b21ab3deb831d
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6a8fd21c578cf293aefda530ae19da0d434a4cc99167fbef9c0940dcc1b0a89f
6f212f2ad50b8e92e77d3ad8d989902a2b962b0148599355dcb74e10851e0820
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
78ed2ccc602358b3d52ecba62ad03baa696af2894d6a31a6117ba6f5b5edce18
79a4988a0526dedc75517e8253eb290bd42c2622d95d9cf04615660dfd27f093
7bc5cdc982210fa5f543ec21cb32c7246c3226cc4d48a525248df920af7eb107
81f0414c798e409e316df766bcc57d41e31c023b800a07cd6c0a5f6779791448
8687e90791df4582658ad44eb7a20b332e8593811f9ae96d5b1a37b6086953ce
87fa99a1ecfaa4d46a57f68867536706d245a46eb2151e6cf48a3f46f7ac9e1c
8d081b7b0589072f473082b8833f7538d237c545eda8f69ba27d64137d785650
8e845b3c43da250d2131dcca1a9af77bdaca1b61f1215be6317f2d5f17f999e1
941a5dc6ac8df74fd7e9eba97dac0900e985fe8e92d5e1d6b57ca2f1fcd4a679
96ede6a05435502a4b050b9c558f438343684d956daa40998055b3f82cfdd71b
96efd807b8b97b13157ee5605c6b213d9230a6f64bc618c5eada03eb8bd6dc68
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5fccafd3dfe888d109262a50041b6fe43b142de53d83f14905bb4649122654f
a871c477bcd6294dcffc367bd196ea89b2817a6549e8c76498645b9b71312a10
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
b0b06207be08c23e4c5d7156e832a95c15c3c60225c3a304528792a8603a8e9b
b18c0fcd1870733cb1afcb2bdea239d9fad918ba82ff7f007c03fda8373b4207
b427fd2cd21cc7ce311a8ee590747adcd9d0db88e083ec589a7016ae26d069b8
bb9af62396d4d0125a54a0f4d60bdb0f6064848be80a21bc6256055eac655899
bd1e5bb9db4f7939f08261273a403ef4f605d8db7b6958be40d4abfdfc072e66
bd4776021a08f9133e2a4ca1699529cd81ab3510cba79e3db9bf48ef35e3315d
c190e2bc2e251c532f115d652d5f371831bd8fa4e483662245521c317b145c05
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c5440ef39bcce7e68c7d3bf6225f3f5dae405415da0e21d8eeb7ced8c80538ec
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c91bf9e86d69bf7c7fa7e961e65d4a7740b45a4c0861644711857f109ee3f088
cac02e231c61068da6a4e6c177f2ccd14a5360aa3509af3be992bfbbad0c127b
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
da419ff6d29c6f8e058c647c8a9e10f3c9ef9f17050a5de9e3bab53f6d6942de
da9ce278044df979a011f2d1adf5e74d76a02fc11eb1f723d66252a7e693bfaf
ddd1b4b589bc03241e007d1d785ca0316276f9efd0c9827bd4f8bdc651b195a7
dde55563734a01fea51886be5237772bff913377962d6b5ba0577acfd3550a34
e38b592b7c307ca433f8250e28f030ed752d9ba5cf1137ea31a5ac090226e6c1
e394ed54d42ecf91a3b8c794347bfbb4d2589265d17eec6a508d7a2a64e6f79b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48c20b3cd137e13cc58ed8f202eb64a4df27b1dd292266ee82ac928b8d86d83
e54badb6fb58d9af5354b5707ecc7893850a43e9c153140721d59485cd756934
e705dfac9d3d11ae87071979b2bbb52db73d03fff6252c1b73ce5b3c7ebb6e9c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe772a69c62313291856d13a649cb87409e416d270e94467832757f379d3b11
f0502e9eb7df078215a0037d2439a0671f59b704b8988be98c9770c2d6a46bac
f0852b0bbe2fbc8f823c7bf3e79fc7a6f6c0117412f61badc7e151da40c2532f
f24e14797ef8c7bdd01de9abb85d8d6871b7f1259e38fe696ddab26ea5dc8224
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

bonpatron.com Open in urlscan Pro 45.55.37.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

95 Requests

100 %HTTPS

79 %IPv6

11 Domains

14 Subdomains

13 IPs

2 Countries

883 kBTransfer

2293 kBSize

8 Cookies

13 Outgoing links

Page URL History

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bonpatron.com Open in urlscan Pro
45.55.37.23 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

100 %
HTTPS

79 %
IPv6

11
Domains

14
Subdomains

13
IPs

2
Countries

883 kB
Transfer

2293 kB
Size

8
Cookies

95 HTTP transactions
17 data transactions