urlscan.io logo urlscan.io
SecurityTrails logo

googleads.g.doubleclick.net Open in urlscan Pro
216.58.206.66  Public Scan

Go To Rescan Add Verdict Report
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=280&adk=583023755&adf=2853840703&w=834&f...
Submission: On April 23 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 216.58.206.66, located in United States and belongs to GOOGLE, US. The main domain is googleads.g.doubleclick.net. The Cisco Umbrella rank of the primary domain is 36.
TLS certificate: Issued by GTS CA 1C3 on March 18th 2024. Valid for: 3 months.
This is the only time googleads.g.doubleclick.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 216.58.206.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 142.250.186.66 15169 (GOOGLE)
12 4
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
212 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 36
39 KB
12 2
Domain Requested by
8 pagead2.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net googleads.g.doubleclick.net
1 tpc.googlesyndication.com googleads.g.doubleclick.net
12 3

This site contains links to these domains. Also see Links.

Domain
adssettings.google.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=280&adk=583023755&adf=2853840703&w=834&fwrn=4&fwrnh=100&lmt=1713882516&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1004406281&ad_type=text_image&format=834x280&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Funitedhealth-confirms-it-paid-ransomware-gang-to-stop-data-leak%2F&fwr=0&pra=3&rh=200&rw=834&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1713884301135&bpp=2&bdt=980&idt=-M&shv=r20240422&mjsv=m202404220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddbe4f8ef192dc399%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_Mbgzv9MgQeaE1WrPt1HZdKjqgYjvA&gpic=UID%3D00000de12b997e20%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_MZpOZEL601Y0jGf4KO7a0Dmx-ZrMw&eo_id_str=ID%3D8fdf6e7be56a7017%3AT%3D1713273652%3ART%3D1713380344%3AS%3DAA-AfjaZa8_m3F7sbG_0R0NEYceZ&prev_fmts=834x500%2C0x0&nras=2&correlator=6707535824270&frm=20&pv=1&ga_vid=1463611776.1713273645&ga_sid=1713884301&ga_hid=117943598&ga_fc=1&u_tz=-300&u_his=3&u_h=1080&u_w=2560&u_ah=1040&u_aw=2560&u_cd=24&u_sd=1&dmc=8&adx=687&ady=1612&biw=2543&bih=953&scr_x=0&scr_y=600&eid=44759875%2C44759926%2C44759842%2C95329725%2C95329832%2C31082989%2C95326316%2C95331045%2C31078663%2C31078665%2C31078668&oid=2&pvsid=913027708834099&tmod=795822233&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bleepingcomputer.com%2F&fc=384&brdim=0%2C0%2C0%2C0%2C2560%2C0%2C2560%2C1040%2C2560%2C953&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Frame ID: A7CE9293CDBC9EB738FE84BF7D17F36A
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tty_OrL5QYfKemQRIlHGQG9kTttTJdYWl-vmWjncNec.js
Frame ID: C69510DB741F18755D3F882F4F71495B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

12
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

251 kB
Transfer

544 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ads
googleads.g.doubleclick.net/pagead/ 		102 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=280&adk=583023755&adf=2853840703&w=834&fwrn=4&fwrnh=100&lmt=1713882516&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1004406281&ad_type=text_image&format=834x280&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Funitedhealth-confirms-it-paid-ransomware-gang-to-stop-data-leak%2F&fwr=0&pra=3&rh=200&rw=834&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1713884301135&bpp=2&bdt=980&idt=-M&shv=r20240422&mjsv=m202404220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddbe4f8ef192dc399%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_Mbgzv9MgQeaE1WrPt1HZdKjqgYjvA&gpic=UID%3D00000de12b997e20%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_MZpOZEL601Y0jGf4KO7a0Dmx-ZrMw&eo_id_str=ID%3D8fdf6e7be56a7017%3AT%3D1713273652%3ART%3D1713380344%3AS%3DAA-AfjaZa8_m3F7sbG_0R0NEYceZ&prev_fmts=834x500%2C0x0&nras=2&correlator=6707535824270&frm=20&pv=1&ga_vid=1463611776.1713273645&ga_sid=1713884301&ga_hid=117943598&ga_fc=1&u_tz=-300&u_his=3&u_h=1080&u_w=2560&u_ah=1040&u_aw=2560&u_cd=24&u_sd=1&dmc=8&adx=687&ady=1612&biw=2543&bih=953&scr_x=0&scr_y=600&eid=44759875%2C44759926%2C44759842%2C95329725%2C95329832%2C31082989%2C95326316%2C95331045%2C31078663%2C31078665%2C31078668&oid=2&pvsid=913027708834099&tmod=795822233&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bleepingcomputer.com%2F&fc=384&brdim=0%2C0%2C0%2C0%2C2560%2C0%2C2560%2C1040%2C2560%2C953&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b69c132e0b58430f04c3dcc087d84d68ea7041cf5090eb3a6d8a830a5d4c6289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
38947
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Apr 2024 15:13:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
2279752977600985020
tpc.googlesyndication.com/simgad/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2279752977600985020?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmt3LDYUUfRh85Xw89xRatUBMTiRg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=280&adk=583023755&adf=2853840703&w=834&fwrn=4&fwrnh=100&lmt=1713882516&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1004406281&ad_type=text_image&format=834x280&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Funitedhealth-confirms-it-paid-ransomware-gang-to-stop-data-leak%2F&fwr=0&pra=3&rh=200&rw=834&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1713884301135&bpp=2&bdt=980&idt=-M&shv=r20240422&mjsv=m202404220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddbe4f8ef192dc399%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_Mbgzv9MgQeaE1WrPt1HZdKjqgYjvA&gpic=UID%3D00000de12b997e20%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_MZpOZEL601Y0jGf4KO7a0Dmx-ZrMw&eo_id_str=ID%3D8fdf6e7be56a7017%3AT%3D1713273652%3ART%3D1713380344%3AS%3DAA-AfjaZa8_m3F7sbG_0R0NEYceZ&prev_fmts=834x500%2C0x0&nras=2&correlator=6707535824270&frm=20&pv=1&ga_vid=1463611776.1713273645&ga_sid=1713884301&ga_hid=117943598&ga_fc=1&u_tz=-300&u_his=3&u_h=1080&u_w=2560&u_ah=1040&u_aw=2560&u_cd=24&u_sd=1&dmc=8&adx=687&ady=1612&biw=2543&bih=953&scr_x=0&scr_y=600&eid=44759875%2C44759926%2C44759842%2C95329725%2C95329832%2C31082989%2C95326316%2C95331045%2C31078663%2C31078665%2C31078668&oid=2&pvsid=913027708834099&tmod=795822233&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bleepingcomputer.com%2F&fc=384&brdim=0%2C0%2C0%2C0%2C2560%2C0%2C2560%2C1040%2C2560%2C953&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff83e123cee3ba7e7f63d1c530f660b61a88c3e013bc296d974e4eb5b0309f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 18:45:13 GMT
x-content-type-options
nosniff
age
505667
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95715
x-xss-protection
0
last-modified
Wed, 20 Mar 2024 17:12:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 17 Apr 2025 18:45:13 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240418/r20110914/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240418/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=280&adk=583023755&adf=2853840703&w=834&fwrn=4&fwrnh=100&lmt=1713882516&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1004406281&ad_type=text_image&format=834x280&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Funitedhealth-confirms-it-paid-ransomware-gang-to-stop-data-leak%2F&fwr=0&pra=3&rh=200&rw=834&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1713884301135&bpp=2&bdt=980&idt=-M&shv=r20240422&mjsv=m202404220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddbe4f8ef192dc399%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_Mbgzv9MgQeaE1WrPt1HZdKjqgYjvA&gpic=UID%3D00000de12b997e20%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_MZpOZEL601Y0jGf4KO7a0Dmx-ZrMw&eo_id_str=ID%3D8fdf6e7be56a7017%3AT%3D1713273652%3ART%3D1713380344%3AS%3DAA-AfjaZa8_m3F7sbG_0R0NEYceZ&prev_fmts=834x500%2C0x0&nras=2&correlator=6707535824270&frm=20&pv=1&ga_vid=1463611776.1713273645&ga_sid=1713884301&ga_hid=117943598&ga_fc=1&u_tz=-300&u_his=3&u_h=1080&u_w=2560&u_ah=1040&u_aw=2560&u_cd=24&u_sd=1&dmc=8&adx=687&ady=1612&biw=2543&bih=953&scr_x=0&scr_y=600&eid=44759875%2C44759926%2C44759842%2C95329725%2C95329832%2C31082989%2C95326316%2C95331045%2C31078663%2C31078665%2C31078668&oid=2&pvsid=913027708834099&tmod=795822233&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bleepingcomputer.com%2F&fc=384&brdim=0%2C0%2C0%2C0%2C2560%2C0%2C2560%2C1040%2C2560%2C953&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 09:28:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
20668
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9118
x-xss-protection
0
server
cafe
etag
6094826908298432593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 May 2024 09:28:32 GMT
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240418/r20110914/client/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240418/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=280&adk=583023755&adf=2853840703&w=834&fwrn=4&fwrnh=100&lmt=1713882516&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1004406281&ad_type=text_image&format=834x280&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Funitedhealth-confirms-it-paid-ransomware-gang-to-stop-data-leak%2F&fwr=0&pra=3&rh=200&rw=834&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1713884301135&bpp=2&bdt=980&idt=-M&shv=r20240422&mjsv=m202404220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddbe4f8ef192dc399%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_Mbgzv9MgQeaE1WrPt1HZdKjqgYjvA&gpic=UID%3D00000de12b997e20%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_MZpOZEL601Y0jGf4KO7a0Dmx-ZrMw&eo_id_str=ID%3D8fdf6e7be56a7017%3AT%3D1713273652%3ART%3D1713380344%3AS%3DAA-AfjaZa8_m3F7sbG_0R0NEYceZ&prev_fmts=834x500%2C0x0&nras=2&correlator=6707535824270&frm=20&pv=1&ga_vid=1463611776.1713273645&ga_sid=1713884301&ga_hid=117943598&ga_fc=1&u_tz=-300&u_his=3&u_h=1080&u_w=2560&u_ah=1040&u_aw=2560&u_cd=24&u_sd=1&dmc=8&adx=687&ady=1612&biw=2543&bih=953&scr_x=0&scr_y=600&eid=44759875%2C44759926%2C44759842%2C95329725%2C95329832%2C31082989%2C95326316%2C95331045%2C31078663%2C31078665%2C31078668&oid=2&pvsid=913027708834099&tmod=795822233&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bleepingcomputer.com%2F&fc=384&brdim=0%2C0%2C0%2C0%2C2560%2C0%2C2560%2C1040%2C2560%2C953&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 09:28:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
20668
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 May 2024 09:28:32 GMT
qs_click_protection_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240418/r20110914/client/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240418/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=280&adk=583023755&adf=2853840703&w=834&fwrn=4&fwrnh=100&lmt=1713882516&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1004406281&ad_type=text_image&format=834x280&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Funitedhealth-confirms-it-paid-ransomware-gang-to-stop-data-leak%2F&fwr=0&pra=3&rh=200&rw=834&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1713884301135&bpp=2&bdt=980&idt=-M&shv=r20240422&mjsv=m202404220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddbe4f8ef192dc399%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_Mbgzv9MgQeaE1WrPt1HZdKjqgYjvA&gpic=UID%3D00000de12b997e20%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_MZpOZEL601Y0jGf4KO7a0Dmx-ZrMw&eo_id_str=ID%3D8fdf6e7be56a7017%3AT%3D1713273652%3ART%3D1713380344%3AS%3DAA-AfjaZa8_m3F7sbG_0R0NEYceZ&prev_fmts=834x500%2C0x0&nras=2&correlator=6707535824270&frm=20&pv=1&ga_vid=1463611776.1713273645&ga_sid=1713884301&ga_hid=117943598&ga_fc=1&u_tz=-300&u_his=3&u_h=1080&u_w=2560&u_ah=1040&u_aw=2560&u_cd=24&u_sd=1&dmc=8&adx=687&ady=1612&biw=2543&bih=953&scr_x=0&scr_y=600&eid=44759875%2C44759926%2C44759842%2C95329725%2C95329832%2C31082989%2C95326316%2C95331045%2C31078663%2C31078665%2C31078668&oid=2&pvsid=913027708834099&tmod=795822233&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bleepingcomputer.com%2F&fc=384&brdim=0%2C0%2C0%2C0%2C2560%2C0%2C2560%2C1040%2C2560%2C953&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9709caaeb47935e01f79e18b93611c0cacd448454be40c3a3d99d7b041a59c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 18:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
73282
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8364
x-xss-protection
0
server
cafe
etag
14513890815928696931
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 May 2024 18:51:38 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ 		214 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=280&adk=583023755&adf=2853840703&w=834&fwrn=4&fwrnh=100&lmt=1713882516&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1004406281&ad_type=text_image&format=834x280&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Funitedhealth-confirms-it-paid-ransomware-gang-to-stop-data-leak%2F&fwr=0&pra=3&rh=200&rw=834&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1713884301135&bpp=2&bdt=980&idt=-M&shv=r20240422&mjsv=m202404220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddbe4f8ef192dc399%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_Mbgzv9MgQeaE1WrPt1HZdKjqgYjvA&gpic=UID%3D00000de12b997e20%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_MZpOZEL601Y0jGf4KO7a0Dmx-ZrMw&eo_id_str=ID%3D8fdf6e7be56a7017%3AT%3D1713273652%3ART%3D1713380344%3AS%3DAA-AfjaZa8_m3F7sbG_0R0NEYceZ&prev_fmts=834x500%2C0x0&nras=2&correlator=6707535824270&frm=20&pv=1&ga_vid=1463611776.1713273645&ga_sid=1713884301&ga_hid=117943598&ga_fc=1&u_tz=-300&u_his=3&u_h=1080&u_w=2560&u_ah=1040&u_aw=2560&u_cd=24&u_sd=1&dmc=8&adx=687&ady=1612&biw=2543&bih=953&scr_x=0&scr_y=600&eid=44759875%2C44759926%2C44759842%2C95329725%2C95329832%2C31082989%2C95326316%2C95331045%2C31078663%2C31078665%2C31078668&oid=2&pvsid=913027708834099&tmod=795822233&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bleepingcomputer.com%2F&fc=384&brdim=0%2C0%2C0%2C0%2C2560%2C0%2C2560%2C1040%2C2560%2C953&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
03bc1e5cca5f55ed53c46793d00bc085e5acdc99c3bc1f5c1c4a51a347bedb1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 14:28:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
2665
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66536
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 23 Apr 2024 15:28:35 GMT
one_click_handler_one_afma_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240418/r20110914/client/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240418/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=280&adk=583023755&adf=2853840703&w=834&fwrn=4&fwrnh=100&lmt=1713882516&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1004406281&ad_type=text_image&format=834x280&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Funitedhealth-confirms-it-paid-ransomware-gang-to-stop-data-leak%2F&fwr=0&pra=3&rh=200&rw=834&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1713884301135&bpp=2&bdt=980&idt=-M&shv=r20240422&mjsv=m202404220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddbe4f8ef192dc399%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_Mbgzv9MgQeaE1WrPt1HZdKjqgYjvA&gpic=UID%3D00000de12b997e20%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_MZpOZEL601Y0jGf4KO7a0Dmx-ZrMw&eo_id_str=ID%3D8fdf6e7be56a7017%3AT%3D1713273652%3ART%3D1713380344%3AS%3DAA-AfjaZa8_m3F7sbG_0R0NEYceZ&prev_fmts=834x500%2C0x0&nras=2&correlator=6707535824270&frm=20&pv=1&ga_vid=1463611776.1713273645&ga_sid=1713884301&ga_hid=117943598&ga_fc=1&u_tz=-300&u_his=3&u_h=1080&u_w=2560&u_ah=1040&u_aw=2560&u_cd=24&u_sd=1&dmc=8&adx=687&ady=1612&biw=2543&bih=953&scr_x=0&scr_y=600&eid=44759875%2C44759926%2C44759842%2C95329725%2C95329832%2C31082989%2C95326316%2C95331045%2C31078663%2C31078665%2C31078668&oid=2&pvsid=913027708834099&tmod=795822233&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bleepingcomputer.com%2F&fc=384&brdim=0%2C0%2C0%2C0%2C2560%2C0%2C2560%2C1040%2C2560%2C953&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9d0b590fff9c4143ef05d325d176c97419e0a305e6e23e07c9b5fa86da407bdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 01:08:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
50644
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14785
x-xss-protection
0
server
cafe
etag
1999739620002918678
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 May 2024 01:08:56 GMT
truncated
/ 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71a270a11619fc4f30e3c34455bbe7b3094839a1f975c5910c5f473e14a36eea

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 23 Apr 2024 15:13:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CeZtJ-88nZqTNH_7QgrAP5pOtuASVv-iCd6n3p-frEtrZHhABIMeD_AFgldqZgqwHoAGcr_uoAsgBAqgDAcgDyQSqBOkCT9C6IpPV3C3BeUqpLak-pQ2BnbtupSxGDRu-n5Fcwvnr4LiGDMkCsKO2r-v8fv7q8McsiZuAkSGtkUewmkfnY-vNY7PFnU5MKtT9HWBPscpoB0MKa-NhQRhyL0xQC0OsUROcq73A2Ift_UZkHJoQK-UWWh4zdnSZz6HEoixWypXqyU0mtsAcFOnY5-PSKUv1Fe72U0NZ5zPSN-q4u53rFOKUYyA7tCnCoeEIBa6HHXuu2Sw9EpzaQK2B3Yg74UPATSsnAdxUXxedgHt6fWwDn9Yz6hjjaz5s3I6lS2S1ffl689lisftPIPzdt1HkpgGPJlcuTeZ8hfS4UeFe21Xg2HXZXzfx9RwKX-YHAi3zzJVYKhhsyHBpePMZ3PeoqWuxKnaaysrHuBf_2RyWN8eUIuuxWLfV_riPacQrM3UnVQaHZ7GKonXO6g9U695eUUjqIolz7WfPif7_nLjvPevtIiKt_fFR6jBv_cAEvOSG_NcEiAWX5IvyTpIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagH2baxAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcB8gcEEPKJTtIIKwiR4YBwEAEYHzIH64uA4L-ADToJgECAgICAgJQoSL39wTpYvu666s_YhQOaCesBaHR0cHM6Ly93d3cuaGVyby13YXJzLmNvbS8_ZGVsYXllZHNpZ251cD10cnVlJm54X3NvdXJjZT1hZHhfYWR3b3Jkc2Rpc3BsYXkuaHdfd2JfdWNfLS5jYy1kZS5nLW1peC5hLW1peC5hdS10aGVtZV9zaXRlcy5vcHQtcHVyY2hhc2UyLmNvbS1uZXdhYy5jci1uZXdsb290NTAuY24tOTcwXzI1MC5scC1kZWxheWVkLmR0LWRpc3BsYXkuY2lkLTIxMTc3MjMzOTQzLmFnaWQtMTYxMDUyOTk2MTU2LmNzZC0xMjA0MjQuLYAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0wOTIwODk5MzAwMzk3ODIzGACyGAkSArBTGAIiAQDoGAE&sigh=JWflZdVQTjw&uach_m=%5BUACH%5D&ase=2&cbvp=2&vis=1&nis=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=280&adk=583023755&adf=2853840703&w=834&fwrn=4&fwrnh=100&lmt=1713882516&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1004406281&ad_type=text_image&format=834x280&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Funitedhealth-confirms-it-paid-ransomware-gang-to-stop-data-leak%2F&fwr=0&pra=3&rh=200&rw=834&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1713884301135&bpp=2&bdt=980&idt=-M&shv=r20240422&mjsv=m202404220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddbe4f8ef192dc399%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_Mbgzv9MgQeaE1WrPt1HZdKjqgYjvA&gpic=UID%3D00000de12b997e20%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_MZpOZEL601Y0jGf4KO7a0Dmx-ZrMw&eo_id_str=ID%3D8fdf6e7be56a7017%3AT%3D1713273652%3ART%3D1713380344%3AS%3DAA-AfjaZa8_m3F7sbG_0R0NEYceZ&prev_fmts=834x500%2C0x0&nras=2&correlator=6707535824270&frm=20&pv=1&ga_vid=1463611776.1713273645&ga_sid=1713884301&ga_hid=117943598&ga_fc=1&u_tz=-300&u_his=3&u_h=1080&u_w=2560&u_ah=1040&u_aw=2560&u_cd=24&u_sd=1&dmc=8&adx=687&ady=1612&biw=2543&bih=953&scr_x=0&scr_y=600&eid=44759875%2C44759926%2C44759842%2C95329725%2C95329832%2C31082989%2C95326316%2C95331045%2C31078663%2C31078665%2C31078668&oid=2&pvsid=913027708834099&tmod=795822233&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bleepingcomputer.com%2F&fc=384&brdim=0%2C0%2C0%2C0%2C2560%2C0%2C2560%2C1040%2C2560%2C953&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=280&adk=583023755&adf=2853840703&w=834&fwrn=4&fwrnh=100&lmt=1713882516&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1004406281&ad_type=text_image&format=834x280&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Funitedhealth-confirms-it-paid-ransomware-gang-to-stop-data-leak%2F&fwr=0&pra=3&rh=200&rw=834&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1713884301135&bpp=2&bdt=980&idt=-M&shv=r20240422&mjsv=m202404220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddbe4f8ef192dc399%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_Mbgzv9MgQeaE1WrPt1HZdKjqgYjvA&gpic=UID%3D00000de12b997e20%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_MZpOZEL601Y0jGf4KO7a0Dmx-ZrMw&eo_id_str=ID%3D8fdf6e7be56a7017%3AT%3D1713273652%3ART%3D1713380344%3AS%3DAA-AfjaZa8_m3F7sbG_0R0NEYceZ&prev_fmts=834x500%2C0x0&nras=2&correlator=6707535824270&frm=20&pv=1&ga_vid=1463611776.1713273645&ga_sid=1713884301&ga_hid=117943598&ga_fc=1&u_tz=-300&u_his=3&u_h=1080&u_w=2560&u_ah=1040&u_aw=2560&u_cd=24&u_sd=1&dmc=8&adx=687&ady=1612&biw=2543&bih=953&scr_x=0&scr_y=600&eid=44759875%2C44759926%2C44759842%2C95329725%2C95329832%2C31082989%2C95326316%2C95331045%2C31078663%2C31078665%2C31078668&oid=2&pvsid=913027708834099&tmod=795822233&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bleepingcomputer.com%2F&fc=384&brdim=0%2C0%2C0%2C0%2C2560%2C0%2C2560%2C1040%2C2560%2C953&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Attribution-Reporting-Eligible
event-source
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 23 Apr 2024 15:13:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
tty_OrL5QYfKemQRIlHGQG9kTttTJdYWl-vmWjncNec.js
pagead2.googlesyndication.com/bg/ Frame C695 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tty_OrL5QYfKemQRIlHGQG9kTttTJdYWl-vmWjncNec.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=280&adk=583023755&adf=2853840703&w=834&fwrn=4&fwrnh=100&lmt=1713882516&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1004406281&ad_type=text_image&format=834x280&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Funitedhealth-confirms-it-paid-ransomware-gang-to-stop-data-leak%2F&fwr=0&pra=3&rh=200&rw=834&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1713884301135&bpp=2&bdt=980&idt=-M&shv=r20240422&mjsv=m202404220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddbe4f8ef192dc399%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_Mbgzv9MgQeaE1WrPt1HZdKjqgYjvA&gpic=UID%3D00000de12b997e20%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_MZpOZEL601Y0jGf4KO7a0Dmx-ZrMw&eo_id_str=ID%3D8fdf6e7be56a7017%3AT%3D1713273652%3ART%3D1713380344%3AS%3DAA-AfjaZa8_m3F7sbG_0R0NEYceZ&prev_fmts=834x500%2C0x0&nras=2&correlator=6707535824270&frm=20&pv=1&ga_vid=1463611776.1713273645&ga_sid=1713884301&ga_hid=117943598&ga_fc=1&u_tz=-300&u_his=3&u_h=1080&u_w=2560&u_ah=1040&u_aw=2560&u_cd=24&u_sd=1&dmc=8&adx=687&ady=1612&biw=2543&bih=953&scr_x=0&scr_y=600&eid=44759875%2C44759926%2C44759842%2C95329725%2C95329832%2C31082989%2C95326316%2C95331045%2C31078663%2C31078665%2C31078668&oid=2&pvsid=913027708834099&tmod=795822233&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bleepingcomputer.com%2F&fc=384&brdim=0%2C0%2C0%2C0%2C2560%2C0%2C2560%2C1040%2C2560%2C953&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
b6dcbf3ab2f94187ca7a64112251c6406f644edb5325d61697ebe65a39dc35e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:43:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
502169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20284
x-xss-protection
0
last-modified
Tue, 16 Apr 2024 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Apr 2025 19:43:31 GMT
favicon.ico
googleads.g.doubleclick.net/ 		1 KB
909 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
sffe /
Resource Hash
996993bfeb7cd9c381255c28e21b63f2c391ef090fe0266f016991eb8e3efdd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=280&adk=583023755&adf=2853840703&w=834&fwrn=4&fwrnh=100&lmt=1713882516&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1004406281&ad_type=text_image&format=834x280&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Funitedhealth-confirms-it-paid-ransomware-gang-to-stop-data-leak%2F&fwr=0&pra=3&rh=200&rw=834&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1713884301135&bpp=2&bdt=980&idt=-M&shv=r20240422&mjsv=m202404220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddbe4f8ef192dc399%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_Mbgzv9MgQeaE1WrPt1HZdKjqgYjvA&gpic=UID%3D00000de12b997e20%3AT%3D1713273652%3ART%3D1713380344%3AS%3DALNI_MZpOZEL601Y0jGf4KO7a0Dmx-ZrMw&eo_id_str=ID%3D8fdf6e7be56a7017%3AT%3D1713273652%3ART%3D1713380344%3AS%3DAA-AfjaZa8_m3F7sbG_0R0NEYceZ&prev_fmts=834x500%2C0x0&nras=2&correlator=6707535824270&frm=20&pv=1&ga_vid=1463611776.1713273645&ga_sid=1713884301&ga_hid=117943598&ga_fc=1&u_tz=-300&u_his=3&u_h=1080&u_w=2560&u_ah=1040&u_aw=2560&u_cd=24&u_sd=1&dmc=8&adx=687&ady=1612&biw=2543&bih=953&scr_x=0&scr_y=600&eid=44759875%2C44759926%2C44759842%2C95329725%2C95329832%2C31082989%2C95326316%2C95331045%2C31078663%2C31078665%2C31078668&oid=2&pvsid=913027708834099&tmod=795822233&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bleepingcomputer.com%2F&fc=384&brdim=0%2C0%2C0%2C0%2C2560%2C0%2C2560%2C1040%2C2560%2C953&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 00:00:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
313927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
884
x-xss-protection
0
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/x-icon
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 20 Apr 2025 00:00:53 GMT
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-kuzICGTVe27KxCRdpnOxpJDZyFCnrf-vVB6FvOcrf8_YxMd22ptDZaJY4NVgqi0HV4Yc1HNYw_aP7Ji16R8mD3UUKDe7PsaArUS28q2ZxAN1W3uMr4rbXR1iwoMDsf09gXgEzHfy-7vvu4hIp74dhBiOwREdkSsbGogwFKuj&sig=Cg0ArKJSzDVCjt-n7T9MEAE&id=lidar2&mcvt=1000&p=0,383,215,1217&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240422&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=4&adk=583023755&rs=2&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3LjYwIl0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny42MCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ%3D%3D&vs=4&r=v&co=981798000&rst=1713885179338&rpt=998&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 23 Apr 2024 15:13:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| jscVersion object| google_casm object| dicnf object| google_js_reporting_queue number| google_srt function| vu function| vv function| bgz function| mb function| init_ssb function| accbk function| xy function| ss function| st function| ha function| hb function| ia function| ja function| ga object| googqscp object| google_logging_queue object| window_focus_for_click function| jspbGetTypeName number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ object| google_tag_data function| bga function| bgy undefined| goog_delegate_deferred_token function| wrpfc

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 0