urlscan.io logo urlscan.io
SecurityTrails logo

ww25.proefgroup.omicrosoft.com Open in urlscan Pro
199.59.243.228  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://proefgroup.omicrosoft.com/
Effective URL: https://ww25.proefgroup.omicrosoft.com/?subid1=20260112-2105-5828-b129-e2b691aa3fd7
Submission: On January 12 via api from PT — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 1 countries across 7 domains to perform 18 HTTP transactions. The main IP is 199.59.243.228, located in United States and belongs to AMAZON-02, US. The main domain is ww25.proefgroup.omicrosoft.com.
TLS certificate: Issued by R13 on October 26th 2025. Valid for: 3 months.
This is the only time ww25.proefgroup.omicrosoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    103.224.182.246 (San Diego, United States)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-246.above.com
proefgroup.omicrosoft.com
4    199.59.243.228 (United States)

ASN16509 (AMAZON-02, US)
ww25.proefgroup.omicrosoft.com
1    2607:f8b0:4004:c07::63 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4004:c08::9a (Washington, United States)

ASN15169 (GOOGLE, US)
ep1.adtrafficquality.google
1    2607:f8b0:4004:c07::9c (Washington, United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2607:f8b0:4004:c1b::64 (Washington, United States)

ASN15169 (GOOGLE, US)
syndicatedsearch.goog
3    2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
2    2607:f8b0:4004:c1d::84 (Washington, United States)

ASN15169 (GOOGLE, US)
afs.googleusercontent.com
1    2607:f8b0:4004:c07::9a (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2607:f8b0:4004:c1b::71 (Washington, United States)

ASN15169 (GOOGLE, US)
syndicatedsearch.goog
Apex Domain
Subdomains		 Transfer
5 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 350
ep2.adtrafficquality.google — Cisco Umbrella Rank: 359
21 KB
5 omicrosoft.com
proefgroup.omicrosoft.com
ww25.proefgroup.omicrosoft.com
52 KB
4 syndicatedsearch.goog
syndicatedsearch.goog — Cisco Umbrella Rank: 3721
53 KB
2 googleusercontent.com
afs.googleusercontent.com — Cisco Umbrella Rank: 15529
959 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 133
21 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 6130
266 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
48 KB
18 7
Domain Requested by
4 syndicatedsearch.goog www.google.com
syndicatedsearch.goog
4 ww25.proefgroup.omicrosoft.com ww25.proefgroup.omicrosoft.com
3 ep2.adtrafficquality.google www.google.com
ep2.adtrafficquality.google
2 afs.googleusercontent.com syndicatedsearch.goog
2 ep1.adtrafficquality.google www.google.com
1 pagead2.googlesyndication.com ep2.adtrafficquality.google
1 partner.googleadservices.com www.google.com
1 www.google.com ww25.proefgroup.omicrosoft.com
1 proefgroup.omicrosoft.com 1 redirects
18 9

This site contains links to these domains. Also see Links.

Domain
ww25.proefgroup.omicrosoft.com
Subject Issuer Validity Valid
ww25.proefgroup.omicrosoft.com
R13		 2025-10-26 -
2026-01-24		 3 months crt.sh
*.google.com
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
adtrafficquality.google
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
*.googleadservices.com
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
syndicatedsearch.goog
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
*.googleusercontent.com
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
*.g.doubleclick.net
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://ww25.proefgroup.omicrosoft.com/?subid1=20260112-2105-5828-b129-e2b691aa3fd7
Frame ID: 621062B58DC1615CEAC7988640513988
Requests: 11 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads?sjk=50Z%2FEYWiSaeQ4pXXSwPz7A%3D%3D&adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol110%2Cpid-bodis-gcontrol440%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol162&client=dp-bodis30_3ph&r=m&hl=en&ivt=1&rpbu=https%3A%2F%2Fww25.proefgroup.omicrosoft.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20260112-2105-5828-b129-e2b691aa3fd7&terms=Microsoft&kw=Microsoft&type=3&swp=as-drid-2281830005875978&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301266%2C72717108&format=r3&nocache=5951768212360332&num=0&output=afd_ads&domain_name=ww25.proefgroup.omicrosoft.com&v=3&bsl=8&pac=0&u_his=1&u_tz=-600&dt=1768212360334&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=842209568&rurl=https%3A%2F%2Fww25.proefgroup.omicrosoft.com%2F%3Fsubid1%3D20260112-2105-5828-b129-e2b691aa3fd7
Frame ID: 9E27E64D4DF3ADD21D4CC83511214F48
Requests: 4 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: AA138FB590B96B2865AE84C418759156
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

omicrosoft.com

Page URL History Show full URLs

  1. https://proefgroup.omicrosoft.com/ HTTP 302
    http://ww25.proefgroup.omicrosoft.com/?subid1=20260112-2105-5828-b129-e2b691aa3fd7 HTTP 307
    https://ww25.proefgroup.omicrosoft.com/?subid1=20260112-2105-5828-b129-e2b691aa3fd7 HTTP 307
    https://ww25.proefgroup.omicrosoft.com/?subid1=20260112-2105-5828-b129-e2b691aa3fd7 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

18
Requests

100 %
HTTPS

80 %
IPv6

7
Domains

9
Subdomains

9
IPs

1
Countries

195 kB
Transfer

422 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://proefgroup.omicrosoft.com/ HTTP 302
    http://ww25.proefgroup.omicrosoft.com/?subid1=20260112-2105-5828-b129-e2b691aa3fd7 HTTP 307
    https://ww25.proefgroup.omicrosoft.com/?subid1=20260112-2105-5828-b129-e2b691aa3fd7 HTTP 307
    https://ww25.proefgroup.omicrosoft.com/?subid1=20260112-2105-5828-b129-e2b691aa3fd7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ww25.proefgroup.omicrosoft.com/
Redirect Chain
  • https://proefgroup.omicrosoft.com/
  • http://ww25.proefgroup.omicrosoft.com/?subid1=20260112-2105-5828-b129-e2b691aa3fd7
  • https://ww25.proefgroup.omicrosoft.com/?subid1=20260112-2105-5828-b129-e2b691aa3fd7
  • https://ww25.proefgroup.omicrosoft.com/?subid1=20260112-2105-5828-b129-e2b691aa3fd7
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ww25.proefgroup.omicrosoft.com/?subid1=20260112-2105-5828-b129-e2b691aa3fd7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.59.243.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7cf4168908dbcb58b15dece92fb051707def3169e59beffdc25e0ed5da50aed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

Accept-Ch
sec-ch-prefers-color-scheme
Cache-Control
no-store, max-age=0
Connection
close
Content-Length
1210
Content-Type
text/html; charset=utf-8
Critical-Ch
sec-ch-prefers-color-scheme
Date
Mon, 12 Jan 2026 10:05:58 GMT
Vary
sec-ch-prefers-color-scheme
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_PEnkQwBGMynH0MzLx0ELFSGm9vB1dT5FlnT7QT1y9bvYTQmHoj9Mb/jmDLJjapDrtkS7GxsgIqX9MFOy1q1KuA==
X-Request-Id
1d4b8531-d1ed-476b-8ffe-656e93cc5593

Redirect headers

Location
https://ww25.proefgroup.omicrosoft.com/?subid1=20260112-2105-5828-b129-e2b691aa3fd7
bfTgJXshc.js
ww25.proefgroup.omicrosoft.com/ 		43 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww25.proefgroup.omicrosoft.com/bfTgJXshc.js
Requested by
Host: ww25.proefgroup.omicrosoft.com
URL: https://ww25.proefgroup.omicrosoft.com/?subid1=20260112-2105-5828-b129-e2b691aa3fd7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.59.243.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3bedcc4528556d651938f40b4efa5d633b57d7aee1b4dad6c683b6f467f180eb

Request headers

sec-ch-prefers-color-scheme
light
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ww25.proefgroup.omicrosoft.com/?subid1=20260112-2105-5828-b129-e2b691aa3fd7

Response headers

X-Request-Id
bc06f00d-6cf2-4aba-b639-d605b354b7c9
Content-Length
44541
Date
Mon, 12 Jan 2026 10:05:58 GMT
Content-Type
application/javascript; charset=utf-8
Connection
close
_fd
ww25.proefgroup.omicrosoft.com/ 		5 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ww25.proefgroup.omicrosoft.com/_fd?subid1=20260112-2105-5828-b129-e2b691aa3fd7
Requested by
Host: ww25.proefgroup.omicrosoft.com
URL: https://ww25.proefgroup.omicrosoft.com/bfTgJXshc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.59.243.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4d5c9d762705e393c6a40ba7786e5f6763cba803e983c10eb068fb45ef54c89a

Request headers

Referer
https://ww25.proefgroup.omicrosoft.com/?subid1=20260112-2105-5828-b129-e2b691aa3fd7
sec-ch-prefers-color-scheme
light
Accept
application/json
Content-Type
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

X-Request-Id
cecebfb7-3e1f-4da7-8b35-f487beb5732f
Content-Length
5213
Date
Mon, 12 Jan 2026 10:05:59 GMT
Content-Type
application/json; charset=utf-8
Connection
close
caf.js
www.google.com/adsense/domains/ 		131 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true
Requested by
Host: ww25.proefgroup.omicrosoft.com
URL: https://ww25.proefgroup.omicrosoft.com/bfTgJXshc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc306ce7e37f844718a0496badb6e65787d492a36050d863d09c2b871c850a93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ww25.proefgroup.omicrosoft.com/

Response headers

content-encoding
gzip
etag
"14549997761409523244"
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options
nosniff
expires
Mon, 12 Jan 2026 10:06:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 10:06:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
link
<https://syndicatedsearch.goog>; rel="preconnect"
cache-control
private, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
x-xss-protection
0
server
sffe
sodar
ep1.adtrafficquality.google/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=afs&tv=1234567890&st=env&sjk=50Z/EYWiSaeQ4pXXSwPz7A==&sde=1
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d24114ae24baf3041e387e32ff19e8f9918b63326ac2a8d1d092b51fb4fd0435
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ww25.proefgroup.omicrosoft.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
8153
date
Mon, 12 Jan 2026 10:06:00 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
cookie.js
partner.googleadservices.com/gampad/ 		382 B
266 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ww25.proefgroup.omicrosoft.com&client=partner-dp-bodis30_3ph&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30c50e23aab670f685e07f80bd56a5130857436fc05043e9f4f77f22d4d6d9f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ww25.proefgroup.omicrosoft.com/

Response headers

timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
245
date
Mon, 12 Jan 2026 10:06:00 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
syndicatedsearch.goog/afs/ Frame 9E27 		14 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndicatedsearch.goog/afs/ads?sjk=50Z%2FEYWiSaeQ4pXXSwPz7A%3D%3D&adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol110%2Cpid-bodis-gcontrol440%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol162&client=dp-bodis30_3ph&r=m&hl=en&ivt=1&rpbu=https%3A%2F%2Fww25.proefgroup.omicrosoft.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20260112-2105-5828-b129-e2b691aa3fd7&terms=Microsoft&kw=Microsoft&type=3&swp=as-drid-2281830005875978&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301266%2C72717108&format=r3&nocache=5951768212360332&num=0&output=afd_ads&domain_name=ww25.proefgroup.omicrosoft.com&v=3&bsl=8&pac=0&u_his=1&u_tz=-600&dt=1768212360334&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=842209568&rurl=https%3A%2F%2Fww25.proefgroup.omicrosoft.com%2F%3Fsubid1%3D20260112-2105-5828-b129-e2b691aa3fd7
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
cd003e55e03b34150405fa8c25ab15f90e1eac9be68b30e761f094a3d7f23a2d
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-YYUwc0L1dd1fuMP9aPHx2Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
https://ww25.proefgroup.omicrosoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ch
Downlink RTT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
2989
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-YYUwc0L1dd1fuMP9aPHx2Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Mon, 12 Jan 2026 10:06:00 GMT
expires
Mon, 12 Jan 2026 10:06:00 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
sodar2.js
ep2.adtrafficquality.google/sodar/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ww25.proefgroup.omicrosoft.com/

Response headers

content-encoding
gzip
etag
"1747411493688989"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 12 Jan 2026 10:06:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 10:06:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
7188
x-xss-protection
0
server
sffe
caf.js
syndicatedsearch.goog/adsense/domains/ Frame 9E27 		131 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://syndicatedsearch.goog/adsense/domains/caf.js?pac=0
Requested by
Host: syndicatedsearch.goog
URL: https://syndicatedsearch.goog/afs/ads?sjk=50Z%2FEYWiSaeQ4pXXSwPz7A%3D%3D&adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol110%2Cpid-bodis-gcontrol440%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol162&client=dp-bodis30_3ph&r=m&hl=en&ivt=1&rpbu=https%3A%2F%2Fww25.proefgroup.omicrosoft.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20260112-2105-5828-b129-e2b691aa3fd7&terms=Microsoft&kw=Microsoft&type=3&swp=as-drid-2281830005875978&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301266%2C72717108&format=r3&nocache=5951768212360332&num=0&output=afd_ads&domain_name=ww25.proefgroup.omicrosoft.com&v=3&bsl=8&pac=0&u_his=1&u_tz=-600&dt=1768212360334&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=842209568&rurl=https%3A%2F%2Fww25.proefgroup.omicrosoft.com%2F%3Fsubid1%3D20260112-2105-5828-b129-e2b691aa3fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa8be4370840f5f4786c3272d110a80cc15638ed61b81868a01ea9701c02114c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://syndicatedsearch.goog/

Response headers

content-encoding
gzip
etag
"16060117982326264355"
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options
nosniff
expires
Mon, 12 Jan 2026 10:06:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 10:06:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
link
<https://syndicatedsearch.goog>; rel="preconnect"
cache-control
private, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame AA13 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ww25.proefgroup.omicrosoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
172
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5044
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jan 2026 10:03:08 GMT
expires
Mon, 12 Jan 2026 10:53:08 GMT
last-modified
Tue, 13 May 2025 23:17:50 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 9E27 		200 B
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b
Requested by
Host: syndicatedsearch.goog
URL: https://syndicatedsearch.goog/afs/ads?sjk=50Z%2FEYWiSaeQ4pXXSwPz7A%3D%3D&adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol110%2Cpid-bodis-gcontrol440%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol162&client=dp-bodis30_3ph&r=m&hl=en&ivt=1&rpbu=https%3A%2F%2Fww25.proefgroup.omicrosoft.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20260112-2105-5828-b129-e2b691aa3fd7&terms=Microsoft&kw=Microsoft&type=3&swp=as-drid-2281830005875978&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301266%2C72717108&format=r3&nocache=5951768212360332&num=0&output=afd_ads&domain_name=ww25.proefgroup.omicrosoft.com&v=3&bsl=8&pac=0&u_his=1&u_tz=-600&dt=1768212360334&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=842209568&rurl=https%3A%2F%2Fww25.proefgroup.omicrosoft.com%2F%3Fsubid1%3D20260112-2105-5828-b129-e2b691aa3fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://syndicatedsearch.goog/

Response headers

content-encoding
gzip
age
1432
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
x-content-type-options
nosniff
expires
Tue, 13 Jan 2026 08:42:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 09:42:09 GMT
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding
content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cache-control
public, max-age=82800
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
accept-ranges
bytes
content-length
174
x-xss-protection
0
server
sffe
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 9E27 		200 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
Requested by
Host: syndicatedsearch.goog
URL: https://syndicatedsearch.goog/afs/ads?sjk=50Z%2FEYWiSaeQ4pXXSwPz7A%3D%3D&adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol110%2Cpid-bodis-gcontrol440%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol162&client=dp-bodis30_3ph&r=m&hl=en&ivt=1&rpbu=https%3A%2F%2Fww25.proefgroup.omicrosoft.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20260112-2105-5828-b129-e2b691aa3fd7&terms=Microsoft&kw=Microsoft&type=3&swp=as-drid-2281830005875978&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301266%2C72717108&format=r3&nocache=5951768212360332&num=0&output=afd_ads&domain_name=ww25.proefgroup.omicrosoft.com&v=3&bsl=8&pac=0&u_his=1&u_tz=-600&dt=1768212360334&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=842209568&rurl=https%3A%2F%2Fww25.proefgroup.omicrosoft.com%2F%3Fsubid1%3D20260112-2105-5828-b129-e2b691aa3fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://syndicatedsearch.goog/

Response headers

content-encoding
gzip
age
122
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
x-content-type-options
nosniff
expires
Tue, 13 Jan 2026 09:03:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 10:03:59 GMT
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding
content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cache-control
public, max-age=82800
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
accept-ranges
bytes
content-length
174
x-xss-protection
0
server
sffe
_tr
ww25.proefgroup.omicrosoft.com/ 		2 B
300 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ww25.proefgroup.omicrosoft.com/_tr
Requested by
Host: ww25.proefgroup.omicrosoft.com
URL: https://ww25.proefgroup.omicrosoft.com/bfTgJXshc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.59.243.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ww25.proefgroup.omicrosoft.com/?subid1=20260112-2105-5828-b129-e2b691aa3fd7
sec-ch-prefers-color-scheme
light
Accept
application/json
Content-Type
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

X-Request-Id
5a7e8cf9-217b-4c0a-8ac0-bc3247e3e910
Content-Length
2
Date
Mon, 12 Jan 2026 10:06:00 GMT
Content-Type
application/json; charset=utf-8
Connection
close
pDqMMZkda3lQRUgqpS5JK3oWoYXrgZqWP3p6sDQANIk.js
pagead2.googlesyndication.com/bg/ Frame AA13 		53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/pDqMMZkda3lQRUgqpS5JK3oWoYXrgZqWP3p6sDQANIk.js
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a43a8c31991d6b795045482aa52e492b7a16a185eb819a963f7a7ab034003489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/

Response headers

content-encoding
br
age
1870
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Tue, 12 Jan 2027 09:34:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 09:34:51 GMT
last-modified
Mon, 05 Jan 2026 11:18:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
21058
x-xss-protection
0
server
sffe
generate_204
ep2.adtrafficquality.google/ Frame AA13 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep2.adtrafficquality.google/generate_204?PtBc8w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 12 Jan 2026 10:06:01 GMT
cross-origin-resource-policy
cross-origin
sodar
ep1.adtrafficquality.google/pagead/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=afs_1234567890&jk=50Z%2FEYWiSaeQ4pXXSwPz7A%3D%3D&bg=!c3ClcD_NAAZjEgz9QxI7ADQBe5WfOCyA9N5SyhCQRm2eg-fXQqLFCG7HDbKs9qZf3szfCcUNJi4aco5GRz57RF5q9LMaAgAAAJ1SAAAABGgBB34AG7FKztcKYYb5N33CLyHZiq-ybkuyYA7DYyJHewoAqs_a-CllnOMBmq87zfyyqj6Air33luIz4hBFAiwYDjKz-M9AUFObKox1CAfpMnDhtGmDcjQilS30CNRdbAnBIFLxHOGGRJW5qp9l48MDTdfQY5594KW4UMIUGQp1HsU5umnRGOqVHgMjf_fV4HSjS7dnbZNA8VBbYlNqMjQr0N3Hwjdsypw5-MV41whdBouzAtEjg6R4KWOFwqi8WRtEX1vZO4IGveRt0x_hmQHg_eV0fGl9kUhtPaCH8RSyCTfWFlB9SCsyPJBCR6z-47dpj-ju4-ojtn5PJnsUQQPz6YOxSehWdS5AUSGblZ653zl-jnRWkS24qnEo1KSKd5vX1SGc6w70TDUsjmeC32eegtwimdcLKxiQIlAOAzMNYSbAwmAzT_1rY0xg6eBfeRaerVRJpGx09tO1borb6pPmLhie2Ij9hU_cnSjdaleqVbIxBnaMIiGxh_0Jm26gkYCIIB-A0DwpJqDYsW3ff2qLQOO10TGfCAmeu8NBukkcavH6Jn2Wl_dTDULqbvkae3vrKryevzzG2e-PSUsrnQ5JAqh8NtFA7kVHkwkRaPhMHOycmLcR8NwrXCE5TlyzkiNKikBPOW7CMywL32rtB1jqyp0oiVtBQBtSjU-fodmUOw80QcJewU0hAvHkN9bPsxcZXB4PE895kwcDbuPlqeAA2iW6rwZXpf19RUsKSFM07vCdYDgjV3OOfC9yUCkUYsFJC9WYG17Rgrpu3Oa6PuPbuFotg0_Pxw1fCdR6JqMMz6etJ-GqCgIYid-DB8CUH8gikWrpn9KZUDLAdBuH4xhOTRuqRnOfkCJO3kjNcG2qx_d-wyO5MiBjpI1M6jiW4nQWjUNBy5qt9RBZCRdiwvzD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ww25.proefgroup.omicrosoft.com/

Response headers

timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 12 Jan 2026 10:06:01 GMT
x-xss-protection
0
content-type
image/
server
cafe
gen_204
syndicatedsearch.goog/afs/ 		0
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=rhjvc4a6b5nt&cd_fexp=72717108&aqid=iMdkabyaJL7MnboPgOK6mQk&psid=3113057640&pbt=bs&adbx=450&adby=143&adbh=373&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=842209568&csala=8%7C0%7C415%7C112%7C67&lle=0&ifv=1&hpt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-A9S2kZ23lWUiazGUs714Qg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ww25.proefgroup.omicrosoft.com/

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-A9S2kZ23lWUiazGUs714Qg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy
unload=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 12 Jan 2026 10:06:02 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
gws
x-frame-options
SAMEORIGIN
gen_204
syndicatedsearch.goog/afs/ 		0
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=8cj8kvc1h2jh&cd_fexp=72717108&aqid=iMdkabyaJL7MnboPgOK6mQk&psid=3113057640&pbt=bv&adbx=450&adby=143&adbh=373&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=842209568&csala=8%7C0%7C415%7C112%7C67&lle=0&ifv=1&hpt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-KGyGy1emKLm-KM5v0EtL0Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ww25.proefgroup.omicrosoft.com/

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-KGyGy1emKLm-KM5v0EtL0Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy
unload=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 12 Jan 2026 10:06:02 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
gws
x-frame-options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

11 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 string| park object| version object| __parkour number| googleNDT_ number| googleAltLoader string| GoogleD3KJLP9Z object| google function| __sasCookie object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
proefgroup.omicrosoft.com/ Name: __tad
Value: 1768212358.2713447
ww25.proefgroup.omicrosoft.com/ Name: parking_session
Value: 20ede6b3-6edf-4347-9b0e-86d33dcb1dca
.omicrosoft.com/ Name: __gsas
Value: ID=b354c09e855086bb:T=1768212360:RT=1768212360:S=ALNI_MZygkXomwi4bhqajcOLP-P5Yfls0Q

1 Console Messages

Source Level URL
Text
rendering warning URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0B0150464150000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
pagead2.googlesyndication.com
partner.googleadservices.com
proefgroup.omicrosoft.com
syndicatedsearch.goog
ww25.proefgroup.omicrosoft.com
www.google.com
103.224.182.246
199.59.243.228
2607:f8b0:4004:c07::63
2607:f8b0:4004:c07::9a
2607:f8b0:4004:c07::9c
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c17::84
2607:f8b0:4004:c1b::64
2607:f8b0:4004:c1b::71
2607:f8b0:4004:c1d::84
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
30c50e23aab670f685e07f80bd56a5130857436fc05043e9f4f77f22d4d6d9f1
3bedcc4528556d651938f40b4efa5d633b57d7aee1b4dad6c683b6f467f180eb
4d5c9d762705e393c6a40ba7786e5f6763cba803e983c10eb068fb45ef54c89a
5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
a43a8c31991d6b795045482aa52e492b7a16a185eb819a963f7a7ab034003489
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
aa8be4370840f5f4786c3272d110a80cc15638ed61b81868a01ea9701c02114c
cd003e55e03b34150405fa8c25ab15f90e1eac9be68b30e761f094a3d7f23a2d
d24114ae24baf3041e387e32ff19e8f9918b63326ac2a8d1d092b51fb4fd0435
d7cf4168908dbcb58b15dece92fb051707def3169e59beffdc25e0ed5da50aed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc306ce7e37f844718a0496badb6e65787d492a36050d863d09c2b871c850a93