office-qa.com Open in urlscan Pro
219.94.129.65 Public Scan

URL:
http://office-qa.com/
Submission: On March 18 via manual (March 18th 2021, 4:51:26 am UTC) from JP

Summary HTTP 102 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 18 domains to perform 102 HTTP transactions. The main IP is 219.94.129.65, located in Japan and belongs to SAKURA-C SAKURA Internet Inc., JP. The main domain is office-qa.com.

This is the only time office-qa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	219.94.129.65 219.94.129.65	9371 (SAKURA-C ...) (SAKURA-C SAKURA Internet Inc.)
15	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	52.197.33.50 52.197.33.50	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200d	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2 24	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
3 3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
13	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
3 3	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a05:d01c:1d8... 2a05:d01c:1d8:8101:f6ab:342:7837:ce6e	16509 (AMAZON-02) (AMAZON-02)
1 1	217.182.200.29 217.182.200.29	16276 (OVH) (OVH)
102	22

4 219.94.129.65 (Japan)

ASN9371 (SAKURA-C SAKURA Internet Inc., JP)
PTR: www1055.sakura.ne.jp

office-qa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.197.33.50 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-33-50.ap-northeast-1.compute.amazonaws.com

www18.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.115 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.218.208.246 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8101:f6ab:342:7837:ce6e (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.200.29 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm7.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com 2 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	516 KB
23	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	95 KB
14	google.com 1 redirects adservice.google.com apis.google.com accounts.google.com www.google.com	135 KB
12	gstatic.com ssl.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com	145 KB
4	googletagservices.com www.googletagservices.com	135 KB
4	office-qa.com office-qa.com	35 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com	3 KB
3	pubmatic.com 3 redirects image6.pubmatic.com	2 KB
3	openx.net 3 redirects rtb.openx.net	992 B
2	innovid.com 1 redirects ag.innovid.com	686 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	918 B
2	quantserve.com 1 redirects cms.quantserve.com	800 B
2	googleapis.com fonts.googleapis.com	2 KB
2	google.de adservice.google.de	2 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	307 B
1	mookie1.com odr.mookie1.com	324 B
1	googleadservices.com partner.googleadservices.com	639 B
1	a8.net www18.a8.net	184 B
102	18

	Domain	Requested by
24	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
15	pagead2.googlesyndication.com	office-qa.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.gstatic.com www.googletagservices.com
13	cm.g.doubleclick.net	office-qa.com googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	apis.google.com	office-qa.com apis.google.com accounts.google.com
5	www.gstatic.com	googleads.g.doubleclick.net
5	www.google.com	1 redirects apis.google.com googleads.g.doubleclick.net
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	office-qa.com	office-qa.com pagead2.googlesyndication.com
3	ssum-sec.casalemedia.com	3 redirects
3	image6.pubmatic.com	3 redirects
3	rtb.openx.net	3 redirects
2	ag.innovid.com	1 redirects googleads.g.doubleclick.net
2	pixel.rubiconproject.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	googlecm.hit.gemius.pl	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	ssl.gstatic.com	accounts.google.com
1	accounts.google.com	apis.google.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www18.a8.net	office-qa.com
102	27

This site contains links to these domains. Also see Links.

Domain
fans-google.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh

This page contains 15 frames:

Primary Page: http://office-qa.com/
Frame ID: 9940645995EEA2983D7FE45847B982FB
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Frame ID: 254ED035FA534BE46E1896ADBAB3595E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&adk=1812271804&adf=3025194257&lmt=1592383680&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Foffice-qa.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616043062300&bpp=18&bdt=51&idt=69&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1408665433835&frm=20&pv=2&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=111
Frame ID: A625C21A1E2750F63093A5E24AED9911
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=90&slotname=4456758888&adk=1262683151&adf=1961248665&pi=t.ma~as.4456758888&w=728&lmt=1592383680&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&wgl=1&dt=1616043062774&bpp=6&bdt=524&idt=6&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=45&ady=351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AXF49PkMk2&p=http%3A//office-qa.com&dtd=12
Frame ID: 9D6071CB99EA20983C1D0F42246134D5
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1116957811&adf=1042517904&pi=t.ma~as.3656639817&w=286&fwrn=4&fwrnh=100&lmt=1592383680&format=286x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=286&wgl=1&dt=1616043062791&bpp=5&bdt=541&idt=5&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1293&ady=485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=SOwyyrn3bs&p=http%3A//office-qa.com&dtd=8
Frame ID: 63472C5B2882B36ECE9F1D43656AA1D2
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6
Frame ID: 7B93AC176F779643DCC2987791D83135
Requests: 19 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&annotation=inline&width=300&hl=ja&origin=http%3A%2F%2Foffice-qa.com&url=http%3A%2F%2Foffice-qa.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
Frame ID: 50E0DA1B1D0C55CA0181203FF4B79ED5
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Foffice-qa.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
Frame ID: 9112BFE0E4E03A56D0B07F21791C0DA0
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/index.html
Frame ID: 45074B1CA9BBC7CF989584C621F53B21
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: DC53698FE553408B2D76DE1A7008A0D2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BBFCB185AE749C1105A084785A902A8B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
Frame ID: 3827F778E3B9C0041A2EA61648DF8B86
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C878E85EA4D0D17E551685EC76BC96E6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
Frame ID: 25BE14EA6B7E8E6042A63B39BA9B1B03
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 69BF15E3ECF23D95590643E65A3E9721
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

102
Requests

93 %
HTTPS

62 %
IPv6

18
Domains

27
Subdomains

22
IPs

5
Countries

1100 kB
Transfer

2274 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://fans-google.com/
Title: Google！

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrk9_CyQEQsAkYsAkyCAHYambP8BMk HTTP 301
https://tpc.googlesyndication.com/simgad/778386939095909474

Request Chain 63

https://rtb.openx.net/sync/dds?google_gid=CAESEEsowZCP0UvxEZMBnBUSlUc&google_cver=1&google_push=AQvitUILXjHc1sHVktvx-rZdaS-FGy0oWRBnrK4smD-IRrh1hRqHC1EabRAxgNFvYmNyd12K6tb-iBH-HESiE_F0LfVmj81q7Kg HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEEsowZCP0UvxEZMBnBUSlUc&google_cver=1&google_push=AQvitUILXjHc1sHVktvx-rZdaS-FGy0oWRBnrK4smD-IRrh1hRqHC1EabRAxgNFvYmNyd12K6tb-iBH-HESiE_F0LfVmj81q7Kg&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUILXjHc1sHVktvx-rZdaS-FGy0oWRBnrK4smD-IRrh1hRqHC1EabRAxgNFvYmNyd12K6tb-iBH-HESiE_F0LfVmj81q7Kg&google_hm=IcNupo-Mx1848cZvkqD_Ng==

Request Chain 64

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBDIIqLcgjJV_EPiwhOX_E8&google_cver=1&google_push=AQvitUJi9MRgLZfXj7qSzXqF9b6zqluTdkjLQpGcxtEk5TX4vs3XYulFeUA88Fw-snxL6nV_wBQ8ZXGgnMgjDxR2M81thZKsIu8 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBDIIqLcgjJV_EPiwhOX_E8&google_cver=1&google_push=AQvitUJi9MRgLZfXj7qSzXqF9b6zqluTdkjLQpGcxtEk5TX4vs3XYulFeUA88Fw-snxL6nV_wBQ8ZXGgnMgjDxR2M81thZKsIu8&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=W4fqbEUCTrmJpxisf3W-0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJi9MRgLZfXj7qSzXqF9b6zqluTdkjLQpGcxtEk5TX4vs3XYulFeUA88Fw-snxL6nV_wBQ8ZXGgnMgjDxR2M81thZKsIu8

Request Chain 65

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPpmTdKqjcOElue_yReZX7Y&google_cver=1&google_push=AQvitUKZAaOWS-Emp6XQKTMhIstumrT943JkovlefjBvEi38PaaocxQlhFP-6kL6bAtL1FSmNx67xAgfc9PmCcTnz7v7SF-Vivl7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01FRUJDQzAtSi1IMTg5&google_push=AQvitUKZAaOWS-Emp6XQKTMhIstumrT943JkovlefjBvEi38PaaocxQlhFP-6kL6bAtL1FSmNx67xAgfc9PmCcTnz7v7SF-Vivl7

Request Chain 66

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDDktGsWI2Q9UtydKNT0TsE&google_cver=1&google_push=AQvitUKdycmZBqRMUgYp199EszRNcMxeaLILyVJjvX8aSreOhQ9JQdzv0xTqPFDIvisi10rLb1caXQELxut8si63fjb3Fu94odeF HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDDktGsWI2Q9UtydKNT0TsE&google_cver=1&google_push=AQvitUKdycmZBqRMUgYp199EszRNcMxeaLILyVJjvX8aSreOhQ9JQdzv0xTqPFDIvisi10rLb1caXQELxut8si63fjb3Fu94odeF&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFLcN5Glq6SEagWx6JFJdgAABE0AAAIB&google_push=AQvitUKdycmZBqRMUgYp199EszRNcMxeaLILyVJjvX8aSreOhQ9JQdzv0xTqPFDIvisi10rLb1caXQELxut8si63fjb3Fu94odeF&google_gid=CAESEDDktGsWI2Q9UtydKNT0TsE&google_cver=1

Request Chain 69

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 83

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrk9_CyQEQsAkYsAkyCAHYambP8BMk HTTP 301
https://tpc.googlesyndication.com/simgad/778386939095909474

Request Chain 88

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENp5NXNsmhmLXgGb_q0Vj-I&google_cver=1&google_push=AQvitUKDgSagFI2iNWNlI7QlVYbMEx3W9V27lhp0R4C9XDsjUpAhyoUKdG-KGNQ-2sevMwfzqr1atZ8H_BJ0yM3CGtCHLpqgjzWqnQ HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUKDgSagFI2iNWNlI7QlVYbMEx3W9V27lhp0R4C9XDsjUpAhyoUKdG-KGNQ-2sevMwfzqr1atZ8H_BJ0yM3CGtCHLpqgjzWqnQ&google_hm=y-wT6vX79JMZuOK_UoGytw

Request Chain 89

https://rtb.openx.net/sync/dds?google_gid=CAESEK3ljN8PeKCfYl88VoDKj7Q&google_cver=1&google_push=AQvitUKNHWbEpmreJPPkz-BlGd9vPg70gIiUwPVSUexW0CRjPsmkCIRNGgnTbDGuoKiYvUkP6wMSP7eprGTt8CHU44g5ZCH-AzmM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKNHWbEpmreJPPkz-BlGd9vPg70gIiUwPVSUexW0CRjPsmkCIRNGgnTbDGuoKiYvUkP6wMSP7eprGTt8CHU44g5ZCH-AzmM&google_hm=IcNupo-Mx1848cZvkqD_Ng==

Request Chain 90

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKfNkWu4uykBCOYp7BhblFM&google_cver=1&google_push=AQvitUKOPxvtLxn4kgXJlu-iSXQk5rx0N2cQtEvNNjgTfeX74uTg8xKJ2yPr_k_smBvYeIOffIZU3FeD-c7__aLxrLn0qLRdVgGJJA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=W4fqbEUCTrmJpxisf3W-0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKOPxvtLxn4kgXJlu-iSXQk5rx0N2cQtEvNNjgTfeX74uTg8xKJ2yPr_k_smBvYeIOffIZU3FeD-c7__aLxrLn0qLRdVgGJJA

Request Chain 91

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM9tuRdrIjoaygsXsFpNdAQ&google_cver=1&google_push=AQvitUJeJulrz6yieuzQBpCwhuMSW5YGbKsXQ7-GzjuGuftHLzbMJb5FjUE6ufarndDmkjP9mRZG-reOUt8xI7L0IWQHWqFBTFGf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01FRUJDRzktMjEtQlVSTA==&google_push=AQvitUJeJulrz6yieuzQBpCwhuMSW5YGbKsXQ7-GzjuGuftHLzbMJb5FjUE6ufarndDmkjP9mRZG-reOUt8xI7L0IWQHWqFBTFGf

Request Chain 92

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELdG8erttqPHB4FpUnZMjTw&google_cver=1&google_push=AQvitUKv4GwXOM9G__ewq96hKgMzmIkGEKqpd_lTBhSHiVl2-hSP9m8cLRn3RB7tGC2-DXPpmargJGPDYsyhJIG7oLPBwNx0HTMQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFLcN5Glq6SEagWx6JFJdgAABE0AAAIB&google_push=AQvitUKv4GwXOM9G__ewq96hKgMzmIkGEKqpd_lTBhSHiVl2-hSP9m8cLRn3RB7tGC2-DXPpmargJGPDYsyhJIG7oLPBwNx0HTMQ&google_cver=1&google_gid=CAESELdG8erttqPHB4FpUnZMjTw

Request Chain 93

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEN3uwa-Wd-MBDtSXyiqLbLA&google_cver=1&google_push=AQvitUJ1D4G16ThCY1oUQ9hYBC8EyJUMcGhREtGMgozBiIjJHgNzSjHjh_GlaQZnv3Czkd5OGGtI4_ouNG1pvZSX0XcUErlYUCgZcA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AQvitUJ1D4G16ThCY1oUQ9hYBC8EyJUMcGhREtGMgozBiIjJHgNzSjHjh_GlaQZnv3Czkd5OGGtI4_ouNG1pvZSX0XcUErlYUCgZcA&google_hm=M8TxNeQgTn2qBK0rRP1U0w

Request Chain 94

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAjDW8uLAm8oWXzVJWlXq7Y&google_cver=1&google_push=AQvitUJo9mVwTYOSSz_6jbPvQyBw4SMtjkHILNUeJ36SI4um1xF-P_gQ-4V24UE_oK462URWulYNg2s-5J9nFqhPvEwxNB17NgkarSk HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJo9mVwTYOSSz_6jbPvQyBw4SMtjkHILNUeJ36SI4um1xF-P_gQ-4V24UE_oK462URWulYNg2s-5J9nFqhPvEwxNB17NgkarSk&google_hm=

102 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
office-qa.com/ 32 KB
32 KB 787ms
514ms Document
text/html 219.94.129.65
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://office-qa.com/
Protocol: HTTP/1.1
Server: 219.94.129.65 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www1055.sakura.ne.jp
Software: nginx /
Resource Hash: 6e87ca602b3c9c7a2b1a944dd9ed6c2a866a28a8f75729b3c629551b93459422

Request headers

Host: office-qa.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Thu, 18 Mar 2021 04:51:02 GMT
Content-Type: text/html
Content-Length: 32827
Connection: keep-alive
Last-Modified: Wed, 17 Jun 2020 08:48:00 GMT
ETag: "803b-5a843b797b000"
Accept-Ranges: bytes

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
50 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: office-qa.com
URL: http://office-qa.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6115e4ec5e4d07b8e8ee6be75e6d17e186ab794ae9336d08f9690a7ee637f9a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 18 Mar 2021 04:51:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 376301678831996034
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 50285
X-XSS-Protection: 0
Expires: Thu, 18 Mar 2021 04:51:02 GMT

GET
H/1.1 200
OK pro.css
office-qa.com/ 805 B
1 KB 513ms
499ms Stylesheet
text/css 219.94.129.65
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://office-qa.com/pro.css
Requested by: Host: office-qa.com
URL: http://office-qa.com/
Protocol: HTTP/1.1
Server: 219.94.129.65 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www1055.sakura.ne.jp
Software: nginx /
Resource Hash: 05d524f2a014f627961fc2955324f2267ed66aada2d5de2f9fd8e1c18bf60a9f

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 04:51:02 GMT
Last-Modified: Wed, 19 Oct 2011 03:46:10 GMT
Server: nginx
ETag: "325-4af9eae408480"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 805

GET
H/1.1 200
OK 0.gif
www18.a8.net/ 43 B
184 B 520ms
498ms Image
image/gif 52.197.33.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www18.a8.net/0.gif?a8mat=1I4GTW+SKTTE+HQW+5Z6WX
Requested by: Host: office-qa.com
URL: http://office-qa.com/
Protocol: HTTP/1.1
Server: 52.197.33.50 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-33-50.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 04:51:02 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ 226 KB
85 KB 46ms
26ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0829586448283906&plah=office-qa.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 04:51:02 GMT

GET
H/1.1 200
OK yoko2.jpg
office-qa.com/ 710 B
947 B 504ms
490ms Image
image/jpeg 219.94.129.65
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://office-qa.com/yoko2.jpg
Requested by: Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Server: 219.94.129.65 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www1055.sakura.ne.jp
Software: nginx /
Resource Hash: 721e1c3b9681f9cb558380e6a845e7473037adc35dbb16a1198fce8d6d50b86a

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 04:51:02 GMT
Last-Modified: Fri, 11 Dec 2009 03:16:11 GMT
Server: nginx
ETag: "2c6-47a6b587514c0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 710

GET
H/1.1 200
OK gray3.gif
office-qa.com/ 290 B
526 B 524ms
510ms Image
image/gif 219.94.129.65
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://office-qa.com/gray3.gif
Requested by: Host: office-qa.com
URL: http://office-qa.com/
Protocol: HTTP/1.1
Server: 219.94.129.65 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www1055.sakura.ne.jp
Software: nginx /
Resource Hash: c0a161f81cafe4cd2747b1b1fd1e79170aa2385c303d8186f0b336aebd4ac04d

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 04:51:02 GMT
Last-Modified: Fri, 18 Dec 2009 03:08:59 GMT
Server: nginx
ETag: "122-47af80f98e8c0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 290

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/ Frame 254E 10 KB
5 KB 25ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://office-qa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://office-qa.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 17 Mar 2021 18:01:35 GMT
expires: Wed, 31 Mar 2021 18:01:35 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 38967
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
639 B 98ms
45ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=office-qa.com&callback=_gfp_s_&client=ca-pub-0829586448283906

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0829586448283906&plah=office-qa.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

f9c5212b232a0fffdb565ffa46007d5becc3ef0886241a211ad52c9dcf107650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=office-qa.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 04:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=office-qa.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 04:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A625 6 KB
874 B 57ms
56ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&adk=1812271804&adf=3025194257&lmt=1592383680&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Foffice-qa.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616043062300&bpp=18&bdt=51&idt=69&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1408665433835&frm=20&pv=2&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=111

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad9a33b440fb500ad7313b05b61b397d93135100256aaf4171a8942c10077571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0829586448283906&output=html&adk=1812271804&adf=3025194257&lmt=1592383680&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Foffice-qa.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616043062300&bpp=18&bdt=51&idt=69&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1408665433835&frm=20&pv=2&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=111
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://office-qa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://office-qa.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 04:51:02 GMT
server: cafe
content-length: 671
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 18-Mar-2021 05:06:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 04:51:02 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 32ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Thu, 18 Mar 2021 04:51:02 GMT

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 97 KB
35 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: office-qa.com
URL: http://office-qa.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c04853c2db7e9074bc581263c69a030689e3b67a96936d197b575c022746cb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 18 Mar 2021 04:51:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 3248577498470170516
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 35255
X-XSS-Protection: 0
Expires: Thu, 18 Mar 2021 04:51:02 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 50ms
31ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: office-qa.com
URL: http://office-qa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7de7b85676544f7c233fc463b357f8ce4a41d7672cd4c613e623ba45f6d3afe7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-/XTNq2qpUMYK8ZIMn9RLjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "cc618a2d744b3658f2d5361ea6240f80"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-/XTNq2qpUMYK8ZIMn9RLjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 18 Mar 2021 04:51:02 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 41ms
27ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=office-qa.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 04:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 42ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=office-qa.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 04:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9D60 91 KB
34 KB 491ms
491ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=90&slotname=4456758888&adk=1262683151&adf=1961248665&pi=t.ma~as.4456758888&w=728&lmt=1592383680&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&wgl=1&dt=1616043062774&bpp=6&bdt=524&idt=6&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=45&ady=351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AXF49PkMk2&p=http%3A//office-qa.com&dtd=12

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fddef1f47829c5b18db9a8e95a2230d13ce55f0a3a51e85717e579b1319cb936

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMzwzMWFue8CFYEW4AodrncFzg&gqi=NtxSYK7GMNqI-gaH4KPoCA&layout=/sadbundle/%24csp%253Der3%24/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0829586448283906&output=html&h=90&slotname=4456758888&adk=1262683151&adf=1961248665&pi=t.ma~as.4456758888&w=728&lmt=1592383680&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&wgl=1&dt=1616043062774&bpp=6&bdt=524&idt=6&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=45&ady=351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AXF49PkMk2&p=http%3A//office-qa.com&dtd=12
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://office-qa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://office-qa.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMzwzMWFue8CFYEW4AodrncFzg&gqi=NtxSYK7GMNqI-gaH4KPoCA&layout=/sadbundle/%24csp%253Der3%24/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 04:51:03 GMT
server: cafe
content-length: 33866
x-xss-protection: 0
set-cookie: IDE=AHWqTUnIqN_twThjjS26LPz-tEtpcHAuiovQLwemJM3T4w3aSie-83lP79MkwUQ-AKA; expires=Tue, 12-Apr-2022 04:51:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 04:51:03 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6347 76 KB
25 KB 489ms
489ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1116957811&adf=1042517904&pi=t.ma~as.3656639817&w=286&fwrn=4&fwrnh=100&lmt=1592383680&format=286x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=286&wgl=1&dt=1616043062791&bpp=5&bdt=541&idt=5&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1293&ady=485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=SOwyyrn3bs&p=http%3A//office-qa.com&dtd=8

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d83c44d283c29964d1f700d53920c22111bb09624401016e9a64de3ec0f4d3dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1116957811&adf=1042517904&pi=t.ma~as.3656639817&w=286&fwrn=4&fwrnh=100&lmt=1592383680&format=286x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=286&wgl=1&dt=1616043062791&bpp=5&bdt=541&idt=5&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1293&ady=485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=SOwyyrn3bs&p=http%3A//office-qa.com&dtd=8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://office-qa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://office-qa.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 04:51:03 GMT
server: cafe
content-length: 25526
x-xss-protection: 0
set-cookie: IDE=AHWqTUkZo_7B0RamdIK39C2_jx33HmXwvsTraddF4QKghXr9u-wqDMnOhlkwoeJH0po; expires=Tue, 12-Apr-2022 04:51:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 04:51:03 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7B93 82 KB
27 KB 648ms
648ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bb01164fe173a924de2214fd047d2e294e7e6e7d6014e6c0657d8e1bc798a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://office-qa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://office-qa.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 04:51:03 GMT
server: cafe
content-length: 27435
x-xss-protection: 0
set-cookie: IDE=AHWqTUm7zdc2NkYq3aXIuDwYmOt1msvFJ10DcWqoh7Nf-Yx47o37mpre98HYlYQy96A; expires=Tue, 12-Apr-2022 04:51:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 04:51:03 GMT
cache-control: private

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ 144 KB
50 KB 37ms
23ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6edbfab29a63a2b187cae1b33ce99c6b6eafb51f80b485aa9dd0dc01549a9879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 21:18:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 27138
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51497
x-xss-protection: 0
expires: Thu, 17 Mar 2022 21:18:44 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ 97 KB
34 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559f31f31689c3362078aa438745222031527bf4a4d0711066350e8517a9d5a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 05:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 83879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34488
x-xss-protection: 0
expires: Thu, 17 Mar 2022 05:33:03 GMT

GET
H3-Q050 404 fastbutton Show response
apis.google.com/se/0/_/+1/ Frame 50E0 2 KB
1 KB 41ms
36ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&annotation=inline&width=300&hl=ja&origin=http%3A%2F%2Foffice-qa.com&url=http%3A%2F%2Foffice-qa.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1baa18be42519af08248425b7cf77023ef260c9ccd40c75b9c2d238b1231a0b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GmLSpWv3N1nJWcg7TRZAUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&annotation=inline&width=300&hl=ja&origin=http%3A%2F%2Foffice-qa.com&url=http%3A%2F%2Foffice-qa.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://office-qa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=211=Qol1SK-MyrWkOzfGej4Do-gLZARv1qnBP1jZfuovLGwt1rkPQORMRTh4hAUS2OeinYjwKGyO4vxTcSnIhhJWTeg7KIDPmw4OH76sApb5Cu30kTnenU-agjk4Zg8WCX-XfgskMTbyvnDD9x1GYbEFFjcCU6WVOl7xViDDlfhaUcU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://office-qa.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Mar 2021 04:51:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-GmLSpWv3N1nJWcg7TRZAUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 9112 566 B
861 B 34ms
15ms Document
text/html 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Foffice-qa.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11636590032cc6176767ffc7ac038cf05b97f414581f27fb4863f74fd40f55dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pBBC1Qhgtrbc0vFJOgPgKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=http%3A%2F%2Foffice-qa.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://office-qa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=211=Qol1SK-MyrWkOzfGej4Do-gLZARv1qnBP1jZfuovLGwt1rkPQORMRTh4hAUS2OeinYjwKGyO4vxTcSnIhhJWTeg7KIDPmw4OH76sApb5Cu30kTnenU-agjk4Zg8WCX-XfgskMTbyvnDD9x1GYbEFFjcCU6WVOl7xViDDlfhaUcU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://office-qa.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Mar 2021 04:51:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-pBBC1Qhgtrbc0vFJOgPgKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 50E0 3 KB
3 KB 33ms
14ms Image
image/png 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: apis.google.com
URL: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&annotation=inline&width=300&hl=ja&origin=http%3A%2F%2Foffice-qa.com&url=http%3A%2F%2Foffice-qa.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apis.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:51:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
expires: Thu, 18 Mar 2021 04:51:02 GMT

GET
H2 200 2038943760-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 9112 10 KB
5 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2038943760-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Foffice-qa.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 19:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 17:30:24 GMT
server: sffe
age: 293303
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4265
x-xss-protection: 0
expires: Mon, 14 Mar 2022 19:22:39 GMT

GET
H3-Q050 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 9112 12 KB
5 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7010f14d8f1b1421908adffc1e92ee8a2aabc41721d91c3a815636a1fef7b928

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e4aHdCMEdFO5vl7db9S1OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "0ddb10a2b3ff08e343231747939b301e"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-e4aHdCMEdFO5vl7db9S1OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 18 Mar 2021 04:51:02 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ Frame 9112 51 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef954292f81e61ddd5040cda76768e482ebd9d3540b6710cae559f520db49905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 00:24:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 16007
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18054
x-xss-protection: 0
expires: Fri, 18 Mar 2022 00:24:16 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/ Frame 4507 66 KB
41 KB 33ms
12ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=90&slotname=4456758888&adk=1262683151&adf=1961248665&pi=t.ma~as.4456758888&w=728&lmt=1592383680&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&wgl=1&dt=1616043062774&bpp=6&bdt=524&idt=6&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=45&ady=351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AXF49PkMk2&p=http%3A//office-qa.com&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57d9505dc5b64835eef59bac9c26294952d88727e8efbf07c8444744c102bada

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 15 Mar 2021 08:41:25 GMT
expires: Tue, 15 Mar 2022 08:41:25 GMT
last-modified: Wed, 10 Mar 2021 19:14:55 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 40766
age: 245378
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9D60 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBbUENtxSYMz9MIGtgAeu75XwDIq01u5h0pPGkdEN2tkeEAEg2LjFD2CViriCyAegAfCduvIDyAEJqQIXrM86rhu0PqgDAcgDSKoEtwFP0GYI5fdoL-VQUA1XXKImO-pis9cmsIWL3G1plCjMsquVncHo5lllm3mYe1BZNnOHwb-g4kFrJPPGuC9ziUyxNl07NfI-TT47f2jqB643uBfMNpC6EIOlVEG3EdFBkvIYUyJ_wMKi5ny49mQbj-PoGQE-vW87VbGDWr3JYzbRTp7Z3ZUvjDuFwhTEiSYB_a6GiXhrwabRh0sn0j95CGZ--K49BL4IavgJO47JLgMHZLSyqgB_mDjABP6G1-94kgUECAQYAZIFBAgFGASgBi6AB_jhxQ2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ8LEk0ggJCIDhgBAQARgfgAoByAsB2BMCshcaChgIABIUcHViLTA4Mjk1ODY0NDgyODM5MDY&sigh=taMLMGDyr4E&template_id=419&tpd=AGWhJmsVdpCOt4xYUpxG4Np5c4zTtOGBvPAOmRmkhy945t5XDA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=90&slotname=4456758888&adk=1262683151&adf=1961248665&pi=t.ma~as.4456758888&w=728&lmt=1592383680&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&wgl=1&dt=1616043062774&bpp=6&bdt=524&idt=6&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=45&ady=351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AXF49PkMk2&p=http%3A//office-qa.com&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 18 Mar 2021 04:51:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 9D60 17 KB
7 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 04:48:12 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 9D60 2 KB
1 KB 38ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 04:31:29 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D60 117 KB
36 KB 44ms
31ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Thu, 18 Mar 2021 04:51:03 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 9D60 13 KB
6 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 04:30:31 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 9D60 0
0 45ms
31ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2JfLMhGivIolTFBxXgPPEmUK0KsgonC0-_aKaZR43sSsflWXUQltVRydgfNejmCP8TFsu7gfPf38Bm96qbURhWY-eYQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=90&slotname=4456758888&adk=1262683151&adf=1961248665&pi=t.ma~as.4456758888&w=728&lmt=1592383680&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&wgl=1&dt=1616043062774&bpp=6&bdt=524&idt=6&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=45&ady=351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AXF49PkMk2&p=http%3A//office-qa.com&dtd=12
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame 6347 2 KB
1000 B 34ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1116957811&adf=1042517904&pi=t.ma~as.3656639817&w=286&fwrn=4&fwrnh=100&lmt=1592383680&format=286x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=286&wgl=1&dt=1616043062791&bpp=5&bdt=541&idt=5&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1293&ady=485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=SOwyyrn3bs&p=http%3A//office-qa.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 03:07:32 GMT
server: ESF
date: Thu, 18 Mar 2021 04:51:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Mar 2021 04:51:03 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 6347 2 KB
998 B 31ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
server: cafe
etag: 8551179781376740118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 04:01:28 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 6347 17 KB
7 KB 23ms
11ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 04:48:12 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 6347 2 KB
1 KB 27ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 04:31:29 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6347 117 KB
36 KB 36ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Thu, 18 Mar 2021 04:51:03 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 6347 13 KB
6 KB 26ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 04:30:31 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 6347 0
0 34ms
31ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoCD-84S_n3oaejAB7HIK611O_OXbf3iytS0y_QcVlIV8AF1FTq58BMwDuQZmAlVNMA5CihdQ8K1aQCPueyf3iC2cBng
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1116957811&adf=1042517904&pi=t.ma~as.3656639817&w=286&fwrn=4&fwrnh=100&lmt=1592383680&format=286x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=286&wgl=1&dt=1616043062791&bpp=5&bdt=541&idt=5&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1293&ady=485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=SOwyyrn3bs&p=http%3A//office-qa.com&dtd=8
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame 6347 25 KB
11 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 10:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 09:49:38 GMT
server: sffe
age: 584163
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Wed, 09 Jun 2021 10:35:00 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6347 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTPg_NtxSYK7uMcP4gAe8oKzIC-_Pw9Nhi8DN56wMn8SBtpUdEAEg2LjFD2CViriCyAegAf_0_ZkDyAEJqQIgAuV8Ixq0PqgDAcgDywSqBLUBT9AV_idPjIUqAcF66zUOF_ZyU5QNfJleT67ILMS0rPCm118OeokVk5BC01IWW26NDrW163fse4hJHBJzZWr7Nq0DA1a5drhcF5C7pJrQSV0P3SipeoXKnZktdpzqECqcoir_BZ18zPWxH1y3-Zo-463C9q2fjZo9TO_PpoIlbeW8zHdgyclxUKBXvi-kM20gHZbw0QT_8T35VwntSdLm4566mEirQhk9BlQx_uuLU04KFmnoocAE1LrA17MDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_yRlzaoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEOPVINIICQiA4YAQEAEYH4AKAcgLAdgTDIgUBrIXGgoYCAASFHB1Yi0wODI5NTg2NDQ4MjgzOTA2&sigh=BuqytanPv7Y&template_id=494&tpd=AGWhJmvk2J-WvHk2Yjx50KRyeTgpaAQjAKfYDiYvQH7yFu7KXQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1116957811&adf=1042517904&pi=t.ma~as.3656639817&w=286&fwrn=4&fwrnh=100&lmt=1592383680&format=286x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=286&wgl=1&dt=1616043062791&bpp=5&bdt=541&idt=5&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1293&ady=485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=SOwyyrn3bs&p=http%3A//office-qa.com&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 18 Mar 2021 04:51:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 6347 19 KB
19 KB 36ms
5ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRjNR1erLEujdL6EQKwypJGa1DcX0EcA0McXOUBc33Pt6BVSVqrpH8dKjaSPg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91924861d5504e2065b04fe15d2e9ef151446597028e52ec06d0b516d7dbb6f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:56:21 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Jul 2018 11:32:43 GMT
server: sffe
age: 197682
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19259
x-xss-protection: 0
expires: Tue, 15 Mar 2022 21:56:21 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 6347 15 KB
15 KB 36ms
5ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR95ZkblzHJztAtlOnPMt3rfU-lehgm_1jJ3MwSfVyHNRbwY0qhi5q0Zet0dWY&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b6101a269ce47468392260ed95d126db18f4b939e97e59c97ee793fff348bcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 14:39:36 GMT
x-content-type-options: nosniff
last-modified: Sat, 21 Nov 2020 08:59:29 GMT
server: sffe
age: 137487
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15357
x-xss-protection: 0
expires: Wed, 16 Mar 2022 14:39:36 GMT

GET
H3-Q050

200

778386939095909474
tpc.googlesyndication.com/simgad/ Frame 6347
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrk9_CyQEQsAkYsAkyCAHYambP8BMk
https://tpc.googlesyndication.com/simgad/778386939095909474

70 KB
70 KB

35ms
20ms

Image
image/jpeg

2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/778386939095909474

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ec24c654f0e2575395675bd259dd78049b429ea254686a0cea8ddc55317f320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:37:49 GMT
x-content-type-options: nosniff
age: 794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71581
x-xss-protection: 0
last-modified: Wed, 19 Dec 2018 14:57:26 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 04:37:49 GMT

Redirect headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 21:37:15 GMT
x-content-type-options: nosniff
server: cafe
age: 26028
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/778386939095909474
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Apr 2021 21:37:15 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DC53 143 B
220 B 10ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=90&slotname=4456758888&adk=1262683151&adf=1961248665&pi=t.ma~as.4456758888&w=728&lmt=1592383680&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&wgl=1&dt=1616043062774&bpp=6&bdt=524&idt=6&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=45&ady=351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AXF49PkMk2&p=http%3A//office-qa.com&dtd=12
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkZo_7B0RamdIK39C2_jx33HmXwvsTraddF4QKghXr9u-wqDMnOhlkwoeJH0po
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=90&slotname=4456758888&adk=1262683151&adf=1961248665&pi=t.ma~as.4456758888&w=728&lmt=1592383680&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&wgl=1&dt=1616043062774&bpp=6&bdt=524&idt=6&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=45&ady=351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AXF49PkMk2&p=http%3A//office-qa.com&dtd=12

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 18 Mar 2021 04:41:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 578
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BBFC 1 KB
1 KB 35ms
20ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 18 Mar 2021 03:14:09 GMT
expires: Fri, 19 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 5814
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 9D60 0
433 B 46ms
14ms Other
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMzwzMWFue8CFYEW4AodrncFzg&gqi=NtxSYK7GMNqI-gaH4KPoCA&layout=/sadbundle/%24csp%253Der3%24/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/index.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4507 9 KB
3 KB 34ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 12:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 18 Mar 2021 12:33:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4507 22 KB
9 KB 35ms
23ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 18 Mar 2021 12:41:54 GMT

GET
H3-Q050 200 logo_d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/ Frame 4507 1 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/logo_d.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d29ff1a0d107b4a6a4508c99edb4b7783e2813b98d0a999ac4fbce8915b1cd66

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 245377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1450
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 19:14:55 GMT
server: sffe
date: Mon, 15 Mar 2021 08:41:26 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 08:41:26 GMT

GET
H3-Q050 200 tyre.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/ Frame 4507 16 KB
16 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/tyre.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9b43e8d0d0456b6196c5979a9f3430e3d379593c896877207bbc66b46a800e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 245377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16350
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 19:14:55 GMT
server: sffe
date: Mon, 15 Mar 2021 08:41:26 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 08:41:26 GMT

GET
H3-Q050 200 bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/ Frame 4507 44 KB
44 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/bg.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81fdb4bf289572b8bfe0b513159b3293e04ad88e4e3c86409cb3b56fae309aa9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 245377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44812
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 19:14:55 GMT
server: sffe
date: Mon, 15 Mar 2021 08:41:26 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 08:41:26 GMT

GET
H3-Q050 200 logo_l.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/ Frame 4507 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/logo_l.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/329655581577890711/nt_s21-DE_728x90_aramid-sidewalls/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f714fe4238276cbacceb8400a76d9c33a9fb83e4abecdc52aebe8ee87772781

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 245377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1497
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 19:14:55 GMT
server: sffe
date: Mon, 15 Mar 2021 08:41:26 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 08:41:26 GMT

GET
DATA 200
OK truncated
/ Frame 9D60 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64bfbde61ad03f2b22b54969c39cae9b9753614813695803a9a0c99a5ffc32d3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6347 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 495e5c0752b52a4990ad78381349ccaea936a6c968693dc1a1045992ba439707

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 6347 20 KB
21 KB 26ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:32 GMT
server: sffe
age: 551377
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Fri, 11 Mar 2022 19:41:26 GMT

GET
DATA 200
OK truncated
/ Frame 4507 34 KB
34 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e7ba7486df51b247d667ddfef156c72ed4f149a3693b1ca9be424f2ea680a50

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3-Q050 200 86645057ba4817bae9835c203c8960c4.js Show response
www.gstatic.com/mysidia/ Frame 7B93 6 KB
3 KB 32ms
19ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/86645057ba4817bae9835c203c8960c4.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

393c0a39f41e5b14bdc33e5f5093a0d3ee0fb50eb4043d35e8a1995b5d2dd371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 11:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 09:49:38 GMT
server: sffe
age: 581353
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2784
x-xss-protection: 0
expires: Wed, 09 Jun 2021 11:21:50 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 7B93 2 KB
969 B 42ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 03:15:15 GMT
server: ESF
date: Thu, 18 Mar 2021 04:51:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Mar 2021 04:51:03 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame BBFC 35 B
463 B 23ms
7ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIyQwP7d31CyMcANdtPEw6Y&google_cver=1&google_push=AQvitUKkRxB3IZwjYpyNbwdXSSsm-mejfUvDBQzUffo71ynJbwvi-rZFG30KQ1pIRbLIKdaieJTaXSoKYO6G9wKdc6xsWzEiIZg8

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame BBFC 43 B
324 B 69ms
25ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEAASH9rRIccPHVcWrn99hhY&google_push=AQvitUKyv8-E2JPBlEORyRDG5aiQNmSDB1yZzYytx908Cb7uvzwRBQFOSkO_GO--xzmxeR85vjKGELe_TtgJU4Xd5mR8J7V9LCU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1116957811&adf=1042517904&pi=t.ma~as.3656639817&w=286&fwrn=4&fwrnh=100&lmt=1592383680&format=286x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=286&wgl=1&dt=1616043062791&bpp=5&bdt=541&idt=5&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1293&ady=485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=SOwyyrn3bs&p=http%3A//office-qa.com&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame BBFC
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEEsowZCP0UvxEZMBnBUSlUc&google_cver=1&google_push=AQvitUILXjHc1sHVktvx-rZdaS-FGy0oWRBnrK4smD-IRrh1hRqHC1EabRAxgNFvYmNyd12K6tb-iBH-HESiE_F0LfVmj81q7Kg
https://rtb.openx.net/sync/dds?google_gid=CAESEEsowZCP0UvxEZMBnBUSlUc&google_cver=1&google_push=AQvitUILXjHc1sHVktvx-rZdaS-FGy0oWRBnrK4smD-IRrh1hRqHC1EabRAxgNFvYmNyd12K6tb-iBH-HESiE_F0LfVmj81q7Kg&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUILXjHc1sHVktvx-rZdaS-FGy0oWRBnrK4smD-IRrh1hRqHC1EabRAxgNFvYmNyd12K6tb-iBH-HESiE_F0LfVmj81q7Kg&google_hm=IcNupo-Mx1848cZvkqD_Ng==

170 B
190 B

77ms
47ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUILXjHc1sHVktvx-rZdaS-FGy0oWRBnrK4smD-IRrh1hRqHC1EabRAxgNFvYmNyd12K6tb-iBH-HESiE_F0LfVmj81q7Kg&google_hm=IcNupo-Mx1848cZvkqD_Ng==

Requested by

Host: office-qa.com
URL: http://office-qa.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:02 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUILXjHc1sHVktvx-rZdaS-FGy0oWRBnrK4smD-IRrh1hRqHC1EabRAxgNFvYmNyd12K6tb-iBH-HESiE_F0LfVmj81q7Kg&google_hm=IcNupo-Mx1848cZvkqD_Ng==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: omuva4krmanpj3p3p0anke5tb73n2pqv

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame BBFC
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=W4fqbEUCTrmJpxisf3W-0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
287 B

76ms
45ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=W4fqbEUCTrmJpxisf3W-0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJi9MRgLZfXj7qSzXqF9b6zqluTdkjLQpGcxtEk5TX4vs3XYulFeUA88Fw-snxL6nV_wBQ8ZXGgnMgjDxR2M81thZKsIu8

Requested by

Host: office-qa.com
URL: http://office-qa.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=W4fqbEUCTrmJpxisf3W-0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJi9MRgLZfXj7qSzXqF9b6zqluTdkjLQpGcxtEk5TX4vs3XYulFeUA88Fw-snxL6nV_wBQ8ZXGgnMgjDxR2M81thZKsIu8
Date: Thu, 18 Mar 2021 04:51:01 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame BBFC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPpmTdKqjcOElue_yReZX7Y&google_cver=1&google_push=AQvitUKZAaOWS-Emp6XQKTMhIstumrT943JkovlefjBvEi38PaaocxQlhFP-6kL6bAtL1FSmNx6...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01FRUJDQzAtSi1IMTg5&google_push=AQvitUKZAaOWS-Emp6XQKTMhIstumrT943JkovlefjBvEi38PaaocxQlhFP-6kL6bAtL1FSmNx67xAgfc9PmCcTnz7v7SF-Vivl7

170 B
190 B

77ms
46ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01FRUJDQzAtSi1IMTg5&google_push=AQvitUKZAaOWS-Emp6XQKTMhIstumrT943JkovlefjBvEi38PaaocxQlhFP-6kL6bAtL1FSmNx67xAgfc9PmCcTnz7v7SF-Vivl7

Requested by

Host: office-qa.com
URL: http://office-qa.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01FRUJDQzAtSi1IMTg5&google_push=AQvitUKZAaOWS-Emp6XQKTMhIstumrT943JkovlefjBvEi38PaaocxQlhFP-6kL6bAtL1FSmNx67xAgfc9PmCcTnz7v7SF-Vivl7
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame BBFC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDDktGsWI2Q9UtydKNT0TsE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDDktGsWI2Q9UtydKNT0TsE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFLcN5Glq6SEagWx6JFJdgAABE0AAAIB&google_push=AQvitUKdycmZBqRMUgYp199EszRNcMxeaLILyVJjvX8aSreOhQ9JQdzv0xTqPFDIvisi10rLb1caXQELxut8si63fj...

170 B
190 B

76ms
47ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFLcN5Glq6SEagWx6JFJdgAABE0AAAIB&google_push=AQvitUKdycmZBqRMUgYp199EszRNcMxeaLILyVJjvX8aSreOhQ9JQdzv0xTqPFDIvisi10rLb1caXQELxut8si63fjb3Fu94odeF&google_gid=CAESEDDktGsWI2Q9UtydKNT0TsE&google_cver=1

Requested by

Host: office-qa.com
URL: http://office-qa.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 18 Mar 2021 04:51:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFLcN5Glq6SEagWx6JFJdgAABE0AAAIB&google_push=AQvitUKdycmZBqRMUgYp199EszRNcMxeaLILyVJjvX8aSreOhQ9JQdzv0xTqPFDIvisi10rLb1caXQELxut8si63fjb3Fu94odeF&google_gid=CAESEDDktGsWI2Q9UtydKNT0TsE&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Thu, 18 Mar 2021 04:51:03 GMT

GET
H2 200 trk
ag.innovid.com/ Frame BBFC 43 B
296 B 61ms
19ms Image
image/gif 2a05:d01c:1d8:8101:f6ab:342:7837:ce6e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDojvr3XRIjGPsG39PFAwpk&google_cver=1&google_push=AQvitUKY22lAyiw9_CwTVdTexeyWhqTgdaFF_TsokzC6ckDVqEyqpuCZgT0TvK1mNHkcKCSdkfkf-QsRqAKvxSm8sW5v1Fu2EiNH
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1116957811&adf=1042517904&pi=t.ma~as.3656639817&w=286&fwrn=4&fwrnh=100&lmt=1592383680&format=286x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=286&wgl=1&dt=1616043062791&bpp=5&bdt=541&idt=5&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1293&ady=485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=SOwyyrn3bs&p=http%3A//office-qa.com&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:f6ab:342:7837:ce6e London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BBFC 0
227 B 87ms
30ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JsOKPoZ-Wy7kn8FnrNLlAZbr0hTp4lRUHkngxWExYCN4_qEg3zbkaTyyR_1hfSyZjeMnKj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:51:03 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DC53
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

15ms
15ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm7zdc2NkYq3aXIuDwYmOt1msvFJ10DcWqoh7Nf-Yx47o37mpre98HYlYQy96A
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 18 Mar 2021 04:51:03 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 18-Mar-2021 05:51:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 04:51:03 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 18 Mar 2021 04:51:03 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 3aa3fb99195f3894d7dec54cc5b479a1.js Show response
www.gstatic.com/mysidia/ Frame 7B93 8 KB
4 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

677344a87e7abb166df42f9a2ceb8b02a66936840d76889e2506bc6524a8d2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 15:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 09:49:38 GMT
server: sffe
age: 134313
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3798
x-xss-protection: 0
expires: Mon, 14 Jun 2021 15:32:30 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 7B93 2 KB
988 B 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
server: cafe
etag: 8551179781376740118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 04:01:28 GMT

GET
H3-Q050 200 6248eab49cfd09ff78cd9d1acc91b01c.js Show response
www.gstatic.com/mysidia/ Frame 7B93 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6248eab49cfd09ff78cd9d1acc91b01c.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa388a51fe3addb4ba88cb62bcc412cfce9417210198fbb269a1d1ac75e490ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 210929
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1296
x-xss-protection: 0
expires: Sun, 13 Jun 2021 18:15:34 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 7B93 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 04:48:12 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 7B93 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:48:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 04:48:54 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B93 117 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Thu, 18 Mar 2021 04:51:03 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 7B93 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 04:30:31 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 7B93 0
0 14ms
13ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSiEwXZ16LXHqxMSJ3b6nGFTfRmXhxfJ1Y-R2CemWZQjCwkPi8qg8uRjPFVcFvf-P_e7LwVMD-UXD-Zh-VvsFbKpKxTAw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame 7B93 25 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 10:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 09:49:38 GMT
server: sffe
age: 584163
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Wed, 09 Jun 2021 10:35:00 GMT

GET
H3-Q050 200 qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3827 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 16:22:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 131290
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5666
x-xss-protection: 0
expires: Wed, 16 Mar 2022 16:22:53 GMT

GET
H3-Q050 200 qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4507 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 16:22:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 131290
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5666
x-xss-protection: 0
expires: Wed, 16 Mar 2022 16:22:53 GMT

GET
H3-Q050 200 shopping
encrypted-tbn1.gstatic.com/ Frame 7B93 19 KB
19 KB 34ms
20ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRjNR1erLEujdL6EQKwypJGa1DcX0EcA0McXOUBc33Pt6BVSVqrpH8dKjaSPg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91924861d5504e2065b04fe15d2e9ef151446597028e52ec06d0b516d7dbb6f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:56:21 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Jul 2018 11:32:43 GMT
server: sffe
age: 197682
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19259
x-xss-protection: 0
expires: Tue, 15 Mar 2022 21:56:21 GMT

GET
H3-Q050 200 shopping
encrypted-tbn0.gstatic.com/ Frame 7B93 15 KB
15 KB 34ms
20ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR95ZkblzHJztAtlOnPMt3rfU-lehgm_1jJ3MwSfVyHNRbwY0qhi5q0Zet0dWY&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b6101a269ce47468392260ed95d126db18f4b939e97e59c97ee793fff348bcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 14:39:36 GMT
x-content-type-options: nosniff
last-modified: Sat, 21 Nov 2020 08:59:29 GMT
server: sffe
age: 137487
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15357
x-xss-protection: 0
expires: Wed, 16 Mar 2022 14:39:36 GMT

GET
H3-Q050

200

778386939095909474
tpc.googlesyndication.com/simgad/ Frame 7B93
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrk9_CyQEQsAkYsAkyCAHYambP8BMk
https://tpc.googlesyndication.com/simgad/778386939095909474

70 KB
70 KB

6ms
6ms

Image
image/jpeg

2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/778386939095909474

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ec24c654f0e2575395675bd259dd78049b429ea254686a0cea8ddc55317f320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:37:49 GMT
x-content-type-options: nosniff
age: 794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71581
x-xss-protection: 0
last-modified: Wed, 19 Dec 2018 14:57:26 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 04:37:49 GMT

Redirect headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 21:37:15 GMT
x-content-type-options: nosniff
server: cafe
age: 26028
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/778386939095909474
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Apr 2021 21:37:15 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7B93 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKCHTNtxSYMS-M9Li-gaW2Y_4D-_Pw9Nhi8DN56wM6sjp56IaEAEg2LjFD2CViriCyAegAf_0_ZkDyAEJqQIgAuV8Ixq0PqgDAcgDywSqBLUBT9CsYqFmUgvK9Z0AL9bLiS10zxUGLAS4xR8xvl2vKubLi2_pdsDFewJPDppQkUesTUW3NwwJsLgCDSoBG0pewPFCMkQASydrtEehAfPdyyqAIM9ohVJr2B5XNe_EIiyE1leFze3kEX0tVAdGr39BQrk4h-h-2wSFoxYOZ9e5xmvgbAGj0yxdNGVnD5XLC6UCXe5t4p7VIQt3w1d1nUk2Z74Xm2SEvuW9si0uNgguYM-eZ2l0N8AE1LrA17MDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_yRlzaoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPC8F9IICQiA4YAQEAEYH4AKAcgLAdgTDIgUBrIXGgoYCAASFHB1Yi0wODI5NTg2NDQ4MjgzOTA2&sigh=i9oJri5GlKY&template_id=494&tpd=AGWhJmvfVOvF89u24b0TpyWIfHJ8574ohdVYUrzARDx5_9ZFyg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 18 Mar 2021 04:51:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C878 1 KB
750 B 6ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 18 Mar 2021 03:14:09 GMT
expires: Fri, 19 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 5814
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7B93 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd239822d543a6e77b814aece5bc7df506e67efb56ae2fae43da3df6e5bf44a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 7B93 20 KB
21 KB 26ms
13ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:32 GMT
server: sffe
age: 551377
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Fri, 11 Mar 2022 19:41:26 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame C878
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENp5NXNsmhmLXgGb_q0Vj-I&google_cver=1&google_push=AQvitUKDgSagFI2iNWNlI7QlVYbMEx3W9V27lhp0R4C9XDsjUpAhyoUKdG...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUKDgSagFI2iNWNlI7QlVYbMEx3W9V27lhp0R4C9XDsjUpAhyoUKdG-KGNQ-2sevMwfzqr1atZ8H_BJ0yM3CGtCHLpqgjzWqnQ&google_hm=y-wT...

170 B
190 B

43ms
42ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUKDgSagFI2iNWNlI7QlVYbMEx3W9V27lhp0R4C9XDsjUpAhyoUKdG-KGNQ-2sevMwfzqr1atZ8H_BJ0yM3CGtCHLpqgjzWqnQ&google_hm=y-wT6vX79JMZuOK_UoGytw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUKDgSagFI2iNWNlI7QlVYbMEx3W9V27lhp0R4C9XDsjUpAhyoUKdG-KGNQ-2sevMwfzqr1atZ8H_BJ0yM3CGtCHLpqgjzWqnQ&google_hm=y-wT6vX79JMZuOK_UoGytw
pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame C878
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEK3ljN8PeKCfYl88VoDKj7Q&google_cver=1&google_push=AQvitUKNHWbEpmreJPPkz-BlGd9vPg70gIiUwPVSUexW0CRjPsmkCIRNGgnTbDGuoKiYvUkP6wMSP7eprGTt8CHU44g5ZCH-AzmM
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKNHWbEpmreJPPkz-BlGd9vPg70gIiUwPVSUexW0CRjPsmkCIRNGgnTbDGuoKiYvUkP6wMSP7eprGTt8CHU44g5ZCH-AzmM&google_hm=IcNupo-Mx1848cZvkqD_Ng==

170 B
190 B

33ms
32ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKNHWbEpmreJPPkz-BlGd9vPg70gIiUwPVSUexW0CRjPsmkCIRNGgnTbDGuoKiYvUkP6wMSP7eprGTt8CHU44g5ZCH-AzmM&google_hm=IcNupo-Mx1848cZvkqD_Ng==

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKNHWbEpmreJPPkz-BlGd9vPg70gIiUwPVSUexW0CRjPsmkCIRNGgnTbDGuoKiYvUkP6wMSP7eprGTt8CHU44g5ZCH-AzmM&google_hm=IcNupo-Mx1848cZvkqD_Ng==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 33olprr75s7vg18h3qehqgqpp4b5uj8j

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame C878
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=W4fqbEUCTrmJpxisf3W-0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

33ms
32ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=W4fqbEUCTrmJpxisf3W-0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKOPxvtLxn4kgXJlu-iSXQk5rx0N2cQtEvNNjgTfeX74uTg8xKJ2yPr_k_smBvYeIOffIZU3FeD-c7__aLxrLn0qLRdVgGJJA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=W4fqbEUCTrmJpxisf3W-0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKOPxvtLxn4kgXJlu-iSXQk5rx0N2cQtEvNNjgTfeX74uTg8xKJ2yPr_k_smBvYeIOffIZU3FeD-c7__aLxrLn0qLRdVgGJJA
Date: Thu, 18 Mar 2021 04:51:03 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame C878
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM9tuRdrIjoaygsXsFpNdAQ&google_cver=1&google_push=AQvitUJeJulrz6yieuzQBpCwhuMSW5YGbKsXQ7-GzjuGuftHLzbMJb5FjUE6ufarndDmkjP9mRZ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01FRUJDRzktMjEtQlVSTA==&google_push=AQvitUJeJulrz6yieuzQBpCwhuMSW5YGbKsXQ7-GzjuGuftHLzbMJb5FjUE6ufarndDmkjP9mRZG-reOUt8xI7L0IWQHWqFBTFGf

170 B
190 B

33ms
33ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01FRUJDRzktMjEtQlVSTA==&google_push=AQvitUJeJulrz6yieuzQBpCwhuMSW5YGbKsXQ7-GzjuGuftHLzbMJb5FjUE6ufarndDmkjP9mRZG-reOUt8xI7L0IWQHWqFBTFGf

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01FRUJDRzktMjEtQlVSTA==&google_push=AQvitUJeJulrz6yieuzQBpCwhuMSW5YGbKsXQ7-GzjuGuftHLzbMJb5FjUE6ufarndDmkjP9mRZG-reOUt8xI7L0IWQHWqFBTFGf
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame C878
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELdG8erttqPHB4FpUnZMjTw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFLcN5Glq6SEagWx6JFJdgAABE0AAAIB&google_push=AQvitUKv4GwXOM9G__ewq96hKgMzmIkGEKqpd_lTBhSHiVl2-hSP9m8cLRn3RB7tGC2-DXPpmargJGPDYsyhJIG7oL...

170 B
190 B

32ms
32ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFLcN5Glq6SEagWx6JFJdgAABE0AAAIB&google_push=AQvitUKv4GwXOM9G__ewq96hKgMzmIkGEKqpd_lTBhSHiVl2-hSP9m8cLRn3RB7tGC2-DXPpmargJGPDYsyhJIG7oLPBwNx0HTMQ&google_cver=1&google_gid=CAESELdG8erttqPHB4FpUnZMjTw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 18 Mar 2021 04:51:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFLcN5Glq6SEagWx6JFJdgAABE0AAAIB&google_push=AQvitUKv4GwXOM9G__ewq96hKgMzmIkGEKqpd_lTBhSHiVl2-hSP9m8cLRn3RB7tGC2-DXPpmargJGPDYsyhJIG7oLPBwNx0HTMQ&google_cver=1&google_gid=CAESELdG8erttqPHB4FpUnZMjTw
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Thu, 18 Mar 2021 04:51:03 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame C878
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEN3uwa-Wd-MBDtSXyiqLbLA&google_cver=1&google_push=AQvitUJ1D4G16ThCY1oUQ9hYBC8EyJUMcGhREtGMgozBiIjJHgNzSjHjh_GlaQZnv3Czkd5OGGtI4_ouNG1pvZSX0XcUErl...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AQvitUJ1D4G16ThCY1oUQ9hYBC8EyJUMcGhREtGMgozBiIjJHgNzSjHjh_GlaQZnv3Czkd5OGGtI4_ouNG1pvZSX0XcUErlYUCgZcA&google_hm=M8TxNeQgTn2qBK...

170 B
190 B

32ms
32ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AQvitUJ1D4G16ThCY1oUQ9hYBC8EyJUMcGhREtGMgozBiIjJHgNzSjHjh_GlaQZnv3Czkd5OGGtI4_ouNG1pvZSX0XcUErlYUCgZcA&google_hm=M8TxNeQgTn2qBK0rRP1U0w

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AQvitUJ1D4G16ThCY1oUQ9hYBC8EyJUMcGhREtGMgozBiIjJHgNzSjHjh_GlaQZnv3Czkd5OGGtI4_ouNG1pvZSX0XcUErlYUCgZcA&google_hm=M8TxNeQgTn2qBK0rRP1U0w
pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
cache-control: no-cache
content-length: 0
request-time: 1
expires: -1

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame C878
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAjDW8uLAm8oWXzVJWlXq7Y&google_cver=1&google_push=AQvitUJo9mVwTYOSSz_6jbPv...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJo9mVwTYOSSz_6jbPvQyBw4SMtjkHILNUeJ36SI4um1xF-P_gQ-4V24UE_oK462URWulYNg2s-5J9nFqhPvEwxNB17NgkarSk&google_hm=

170 B
190 B

33ms
32ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJo9mVwTYOSSz_6jbPvQyBw4SMtjkHILNUeJ36SI4um1xF-P_gQ-4V24UE_oK462URWulYNg2s-5J9nFqhPvEwxNB17NgkarSk&google_hm=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJo9mVwTYOSSz_6jbPvQyBw4SMtjkHILNUeJ36SI4um1xF-P_gQ-4V24UE_oK462URWulYNg2s-5J9nFqhPvEwxNB17NgkarSk&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Wed, 17 Mar 2021 04:51:03 GMT

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame C878 0
223 B 49ms
44ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JWkLefwDdZWPszpnKotj0GXK0mi3jMZe0t-_sHpxAlDTg9QTU1N8dinMgo75NuSjk0E4pXNQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:51:03 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b38c4345d0c0f2792016d1bcf6d49109efcc594e3837e7a5dd817ad9ae55c6a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 04:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6503
x-xss-protection: 0

GET
H3-Q050 200 qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js Show response
pagead2.googlesyndication.com/bg/ Frame 25BE 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0829586448283906&output=html&h=280&twa=1&slotname=3656639817&adk=1099249159&adf=4068834114&pi=t.ma~as.3656639817&w=307&fwrn=4&fwrnh=100&lmt=1592383680&format=307x280&url=http%3A%2F%2Foffice-qa.com%2F&flash=0&fwr=0&rh=280&rw=307&wgl=1&dt=1616043062821&bpp=3&bdt=572&idt=3&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc4a245193aefd592-224d21631aa700d9%3AT%3D1616043062%3ART%3D1616043062%3AS%3DALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg&prev_fmts=0x0%2C286x280&prev_slotnames=4456758888&nras=1&correlator=1408665433835&frm=20&pv=1&ga_vid=409213502.1616043062&ga_sid=1616043062&ga_hid=78239321&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1272&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068084%2C44738185%2C44739387&oid=3&pvsid=3756888914906048&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WA9N6FciaJ&p=http%3A//office-qa.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 16:22:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 131290
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5666
x-xss-protection: 0
expires: Wed, 16 Mar 2022 16:22:53 GMT

POST
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B93 0
111 B 14ms
13ms Other
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChEIASoNdG93ZXIyLXNxdWFyZQoKCAIqBnNlcnZlcgoqCAQqJm15c2lkaWFfYW5hbHl0aWNzLG15c2lkaWFfcmVsZWFzZV9wcm9kCg0QAyEAAFxbj0mKQDAECg0QCiEAAAB-rccRQDAECg0QDSEAAAAAMHqEPzAECg0QHioHMzA3eDI4MDAECg0QGSoHMzA3eDI4MDAECg0QDiEAAAAAMHqEPzAECg0QECEAAAAAQPTaQDAECg0QESEAAAAAgK_KQDAECg0QEiEAAAAAAAAUQDAECg0QEyEAAAAAAAAIQDAECg0QBCEAAMQoXHSKQDAECg0QDyEAAAAAMHqUPzAECg0QFCEAAAAAAJTMQDAECg0QFSEAAAAAAAAcQDAECg0QFiEAAAAAAAAQQDAECg0QBSEAAGx7FHaKQDAECg0QFyEAALBH4fGLQDAECg0QGCEAAGj1KC-NQDAEEhpDTVN4ejhXRnVlOENGVkt4M2dvZGx1d0RfdyISZ3BhL21heGltYWxfdjFfb2NoKAw=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 18 Mar 2021 04:51:03 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 69BF 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://office-qa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://office-qa.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 18 Mar 2021 02:43:05 GMT
expires: Fri, 18 Mar 2022 02:43:05 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7678
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js Show response
pagead2.googlesyndication.com/bg/ Frame 69BF 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 16:22:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 131290
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5666
x-xss-protection: 0
expires: Wed, 16 Mar 2022 16:22:53 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 15ms
15ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=3756888914906048&bg=!yMuly4_NAAbUo7L91KM7ACkAdvg8WurILDHDlVd9D98YVmKzOGTyraU5fS2c0o30_Ttc36cJLqLFYwIAAABYUgAAAApoAQcKAJw8t5dWu8zXdaql2Ai-XiUkj7pbl5MVF5k6fd8qYOwKIs7qCg_ZkxNWLxRAre8Q4W0_m2rv6UMKmPq1IBlWxIniIiqxQHVpMufHKUM7WZHMZLLJYkCqmBO021imvMzp2f55IQiosCML1u6mQGze2b4oDPs1-k8iizlbWrBv3VNLvWa5KhqJLlfH5UzlG4nu6LNe1Zg_FM98W6pv0eSZAcu2qCZbmHzMjC9Ty-36SFjMuhEA2R4JXcSG3RFQgnvHNjOeJTclpUM-hfVPq5K8KhCN2rtvQ2iSVrko4hqil5B3ks86zc9moIDUReVPL397nHxSs1nACBmzj6sF0qCenouLQDe_fHf6RXiTyk4_Trut8TT7y4zQDtU1aGl6-jSEUtE9y0ElNblgLQuOdgS-8lxPVC5HUF6uv2N6S89-5yCckL-bKTxncsfRYoDKRZf4tgF22YXGyYSN5aO3UkmGLDCX92iJyMRQwyK7iXYwsdUaXVQP6zIJlbBCeJL09sEUHSIXFhpVaWN8TaHqFdxKUC3czL2BjptOjh-wb-5_9Ldf2_dtVBrCDEUvs4ZavUxrmrDDKUJxetkQvB8yDZshJJxVEkvrIXvCYb9yPv_QjKSFP6G8_SOcVUkqbwimFpx9xPKPHgA3ZFFPXxX3gRy129ARKRpjWaHD6Rivv16MP7-kYh-1F1DaVLZuMAg__3Yh0qsrdXsJ9car7NWoVQ-RppawMYhGVZr1SYwsDyhNTegd7ic0CfQH9kKAKt7P7iVn8SENnVCHckOxJ6bE14amZryDPY8J2G20AsCS9yl6ShjI1IHDUHbXjrrHvAs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://office-qa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9D60 42 B
92 B 20ms
20ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7unsHj0v8Iz5uJa13uLdMhac-lLUEYoVz1mxuE2yLtYY-1PE79L7TWd5FgcEMR2dngat4wWMv9whtX9SIiAHET8qto83EhgvXPuG8s6t_0LM2zKSq69qKQgmd2Q&sai=AMfl-YQNusl9YeaRjGWGGqcSyHJxyAObHEbd4xnWbJr0YRFPGlohxkg62PEUQ8rh7F3K-10uZtaRxmnzZ3ps7Qxt8u8804Ogn-qEbNvRSA8j4PfpOUk9-oWUcdMh7JT4&sig=Cg0ArKJSzLcjuEJeDRWjEAE&cid=CAASF-RotuUK7O0x8vZR7Qz_BfwxFsQaPqgz&id=osdim&mcvt=1000&p=351,45,441,773&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1262683151&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616043062787&dlt=494&rpt=2&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6347 42 B
66 B 22ms
21ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYZifCZuPRkDb5O22eboQjO1hRai5z-aAkrXKzmocRXoGArJhcbS7ABnIRtvhzlEpuWFX92w4DDAd5QFLgDy-mutE5K8xfjTml_xzOmY0VHHzjq7jxRTnmp2LDew&sai=AMfl-YTHHcpIeZUIDSXpRaW18lAWpGOK22X2ktiDDw8GyJm65QMoWAgsO-xtikwHl9s4YV9KsPryGcXXiCMKNpMoCFBCV1MLH15eG_OROr2GvlwYNwl3LhwY9z1KUOLZ&sig=Cg0ArKJSzHe6jzPdwq1sEAE&cid=CAASF-RoOMc8ty3__TWSWYlo-eDm_oNuPMS3&id=osdim&mcvt=1001&p=485,1236,765,1522&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1116957811&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616043062800&dlt=495&rpt=2&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 04:51:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 21:17:34	Name: NID Value: 211=Qol1SK-MyrWkOzfGej4Do-gLZARv1qnBP1jZfuovLGwt1rkPQORMRTh4hAUS2OeinYjwKGyO4vxTcSnIhhJWTeg7KIDPmw4OH76sApb5Cu30kTnenU-agjk4Zg8WCX-XfgskMTbyvnDD9x1GYbEFFjcCU6WVOl7xViDDlfhaUcU
.doubleclick.net/	1970-01-19 16:54:06	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 02:15:39	Name: IDE Value: AHWqTUm7zdc2NkYq3aXIuDwYmOt1msvFJ10DcWqoh7Nf-Yx47o37mpre98HYlYQy96A
.office-qa.com/	1970-01-20 02:15:39	Name: __gads Value: ID=c4a245193aefd592-224d21631aa700d9:T=1616043062:RT=1616043062:S=ALNI_MbzEkgcI9Dpn1-nMEGP67biqgsdlg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
ag.innovid.com
apis.google.com
cm.g.doubleclick.net
cms.quantserve.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
odr.mookie1.com
office-qa.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
ssl.gstatic.com
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www18.a8.net
142.250.185.162
172.217.23.98
185.64.189.115
217.182.200.29
219.94.129.65
23.218.208.246
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:802::2004
2a00:1450:4001:809::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200d
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a05:d01c:1d8:8101:f6ab:342:7837:ce6e
34.98.67.61
35.227.252.103
52.197.33.50
69.173.144.138
05d524f2a014f627961fc2955324f2267ed66aada2d5de2f9fd8e1c18bf60a9f
0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11636590032cc6176767ffc7ac038cf05b97f414581f27fb4863f74fd40f55dc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e7ba7486df51b247d667ddfef156c72ed4f149a3693b1ca9be424f2ea680a50
393c0a39f41e5b14bdc33e5f5093a0d3ee0fb50eb4043d35e8a1995b5d2dd371
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
495e5c0752b52a4990ad78381349ccaea936a6c968693dc1a1045992ba439707
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4bb01164fe173a924de2214fd047d2e294e7e6e7d6014e6c0657d8e1bc798a72
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
559f31f31689c3362078aa438745222031527bf4a4d0711066350e8517a9d5a6
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
57d9505dc5b64835eef59bac9c26294952d88727e8efbf07c8444744c102bada
5b6101a269ce47468392260ed95d126db18f4b939e97e59c97ee793fff348bcd
5b9b43e8d0d0456b6196c5979a9f3430e3d379593c896877207bbc66b46a800e
5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223
6115e4ec5e4d07b8e8ee6be75e6d17e186ab794ae9336d08f9690a7ee637f9a2
64bfbde61ad03f2b22b54969c39cae9b9753614813695803a9a0c99a5ffc32d3
677344a87e7abb166df42f9a2ceb8b02a66936840d76889e2506bc6524a8d2b4
6e87ca602b3c9c7a2b1a944dd9ed6c2a866a28a8f75729b3c629551b93459422
6edbfab29a63a2b187cae1b33ce99c6b6eafb51f80b485aa9dd0dc01549a9879
7010f14d8f1b1421908adffc1e92ee8a2aabc41721d91c3a815636a1fef7b928
721e1c3b9681f9cb558380e6a845e7473037adc35dbb16a1198fce8d6d50b86a
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
7de7b85676544f7c233fc463b357f8ce4a41d7672cd4c613e623ba45f6d3afe7
7ec24c654f0e2575395675bd259dd78049b429ea254686a0cea8ddc55317f320
81fdb4bf289572b8bfe0b513159b3293e04ad88e4e3c86409cb3b56fae309aa9
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
91924861d5504e2065b04fe15d2e9ef151446597028e52ec06d0b516d7dbb6f0
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f714fe4238276cbacceb8400a76d9c33a9fb83e4abecdc52aebe8ee87772781
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
aa388a51fe3addb4ba88cb62bcc412cfce9417210198fbb269a1d1ac75e490ab
ad9a33b440fb500ad7313b05b61b397d93135100256aaf4171a8942c10077571
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067
b38c4345d0c0f2792016d1bcf6d49109efcc594e3837e7a5dd817ad9ae55c6a8
c04853c2db7e9074bc581263c69a030689e3b67a96936d197b575c022746cb15
c0a161f81cafe4cd2747b1b1fd1e79170aa2385c303d8186f0b336aebd4ac04d
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
d1baa18be42519af08248425b7cf77023ef260c9ccd40c75b9c2d238b1231a0b
d29ff1a0d107b4a6a4508c99edb4b7783e2813b98d0a999ac4fbce8915b1cd66
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d83c44d283c29964d1f700d53920c22111bb09624401016e9a64de3ec0f4d3dd
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
dd239822d543a6e77b814aece5bc7df506e67efb56ae2fae43da3df6e5bf44a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef954292f81e61ddd5040cda76768e482ebd9d3540b6710cae559f520db49905
f9c5212b232a0fffdb565ffa46007d5becc3ef0886241a211ad52c9dcf107650
fddef1f47829c5b18db9a8e95a2230d13ce55f0a3a51e85717e579b1319cb936

office-qa.com Open in urlscan Pro 219.94.129.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

102 Requests

93 %HTTPS

62 %IPv6

18 Domains

27 Subdomains

22 IPs

5 Countries

1100 kBTransfer

2274 kBSize

4 Cookies

1 Outgoing links

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

office-qa.com Open in urlscan Pro
219.94.129.65 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

93 %
HTTPS

62 %
IPv6

18
Domains

27
Subdomains

22
IPs

5
Countries

1100 kB
Transfer

2274 kB
Size

4
Cookies

102 HTTP transactions
4 data transactions