www.guest-articles.com Open in urlscan Pro
2606:4700:3035::ac43:8e67 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.guest-articles.com/sports/behind-ngolo-kantes-smile-01-05-2021
Submission Tags: falconsandbox
Submission: On May 01 via api (May 1st 2021, 4:53:14 pm UTC) from US

Summary HTTP 109 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 25 domains to perform 109 HTTP transactions. The main IP is 2606:4700:3035::ac43:8e67, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.guest-articles.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 30th 2020. Valid for: a year.

This is the only time www.guest-articles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3035::ac43:8e67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700:303... 2606:4700:3033::ac43:bbe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 23	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1 1	209.140.148.26 209.140.148.26	11643 (EBAY) (EBAY)
1	184.30.25.27 184.30.25.27	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1 1	99.80.199.35 99.80.199.35	16509 (AMAZON-02) (AMAZON-02)
14	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3 3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	184.30.24.241 184.30.24.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	79.137.69.120 79.137.69.120	16276 (OVH) (OVH)
1 1	18.194.113.221 18.194.113.221	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2012	15169 (GOOGLE) (GOOGLE)
1	142.250.186.178 142.250.186.178	15169 (GOOGLE) (GOOGLE)
109	27

5 2606:4700:3035::ac43:8e67 (United States)

ASN13335 (CLOUDFLARENET, US)

www.guest-articles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.guest-articles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:bbe6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.dreampirates.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.140.148.26 (United States) 1 redirects

ASN11643 (EBAY, US)
PTR: rover-web-public-1-3-slcaz02.ebay.com

www.ebayadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.25.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-27.deploy.static.akamaitechnologies.com

secureir.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.199.35 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-199-35.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.24.241 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-241.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.69.120 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm10.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.113.221 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2012 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

p4-heq3r4gfmodja-fuotccsikejayfvg-784562-i1-v6exp3.ds.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.178 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f18.1e100.net

p4-heq3r4gfmodja-fuotccsikejayfvg-784562-i2-v6exp3.v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	554 KB
28	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	106 KB
15	gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com fonts.gstatic.com p4-heq3r4gfmodja-fuotccsikejayfvg-784562-i1-v6exp3.ds.metric.gstatic.com p4-heq3r4gfmodja-fuotccsikejayfvg-784562-i2-v6exp3.v4.metric.gstatic.com	255 KB
5	googletagservices.com www.googletagservices.com	168 KB
5	guest-articles.com www.guest-articles.com img.guest-articles.com	49 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com	4 KB
4	pubmatic.com 4 redirects image6.pubmatic.com	4 KB
4	google.com 1 redirects adservice.google.com www.google.com	693 B
3	openx.net 3 redirects rtb.openx.net	989 B
3	googleapis.com fonts.googleapis.com	2 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	rlcdn.com 2 redirects id.rlcdn.com	891 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	915 B
2	quantserve.com cms.quantserve.com	675 B
2	google.de adservice.google.de	921 B
2	googletagmanager.com www.googletagmanager.com	81 KB
1	agkn.com 1 redirects d.agkn.com	765 B
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	327 B
1	everesttech.net 1 redirects pixel.everesttech.net	375 B
1	ebaystatic.com secureir.ebaystatic.com	487 B
1	ebayadservices.com 1 redirects www.ebayadservices.com	533 B
1	googleadservices.com partner.googleadservices.com	645 B
1	dreampirates.in www.dreampirates.in	1 MB
1	jquery.com code.jquery.com	30 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
109	25

	Domain	Requested by
23	tpc.googlesyndication.com	1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
14	cm.g.doubleclick.net	googleads.g.doubleclick.net
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
14	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	ssum-sec.casalemedia.com	4 redirects
4	image6.pubmatic.com	4 redirects
4	www.guest-articles.com	www.guest-articles.com ajax.cloudflare.com
3	rtb.openx.net	3 redirects
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	id.rlcdn.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.googletagmanager.com	ajax.cloudflare.com www.googletagmanager.com
1	p4-heq3r4gfmodja-fuotccsikejayfvg-784562-i2-v6exp3.v4.metric.gstatic.com
1	p4-heq3r4gfmodja-fuotccsikejayfvg-784562-i1-v6exp3.ds.metric.gstatic.com
1	d.agkn.com	1 redirects
1	googlecm.hit.gemius.pl	1 redirects
1	pixel.everesttech.net	1 redirects
1	secureir.ebaystatic.com
1	www.ebayadservices.com	1 redirects
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	img.guest-articles.com
1	www.dreampirates.in
1	code.jquery.com	ajax.cloudflare.com
1	ajax.cloudflare.com	www.guest-articles.com
109	35

This site contains links to these domains. Also see Links.

Domain
imperial.instructure.com
www.dreampirates.in

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-30` - `2021-10-29`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.ebay.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-22` - `2022-04-27`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.ds.metric.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.v4.metric.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://www.guest-articles.com/sports/behind-ngolo-kantes-smile-01-05-2021
Frame ID: 64CD77AF74F5684EA60D96E0B8A9249B
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html
Frame ID: ADD5AE167B7196594A38694F24A42EE0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&slotname=2708305463&adk=3098185010&adf=4134371643&pi=t.ma~as.2708305463&w=1110&fwrn=4&fwrnh=100&lmt=1619887977&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977058&bpp=13&bdt=146&idt=58&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6103576995356&frm=20&pv=2&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=L5MYB6nWSZ&p=https%3A//www.guest-articles.com&dtd=78
Frame ID: 0851333D871672FFB4C3CF693F292C0B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=200&slotname=1334335573&adk=2515041999&adf=3622349434&pi=t.ma~as.1334335573&w=823&fwrn=4&lmt=1619887977&rafmt=11&psa=0&format=823x200&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977071&bpp=3&bdt=160&idt=73&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=246&ady=868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cHQnIeqp3P&p=https%3A//www.guest-articles.com&dtd=77
Frame ID: E32D63434F75E2562658795AD677FB0D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=600&slotname=3832140286&adk=234751482&adf=1468885513&pi=t.ma~as.3832140286&w=253&fwrn=4&fwrnh=100&lmt=1619887977&rafmt=1&psa=0&format=253x600&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977074&bpp=1&bdt=163&idt=75&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9rGWWuQ9Sm&p=https%3A//www.guest-articles.com&dtd=78
Frame ID: 476C83D7A46235DB92F68C552D26AE26
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&adk=1812271804&adf=3025194257&lmt=1619887977&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977078&bpp=1&bdt=166&idt=76&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200%2C253x600&nras=1&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=82
Frame ID: 8F572F7719F5525902EF978E24956313
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 34616E7504BFDB7A8F478704B5207451
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=4045866511&pi=t.aa~a.416591285~i.4~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=-M&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0&nras=2&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oEM52jDFPD&p=https%3A//www.guest-articles.com&dtd=18
Frame ID: 41338D4D6773D2FF9B7083512E7CB389
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23
Frame ID: 4BB83842FDFE75740D7E620489E8339F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7C8CB46A8DC12F14AB3E260FCD7551B3
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 74E3C5E98B7F7B8513C338B0FC78D86C
Requests: 2 HTTP requests in this frame

Frame: https://p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 6AF20777FBC515DBB7B61784837BCBF0
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8BD8667B77A3FAD969789B85E6AB737E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js
Frame ID: 866F1BA2610135C672017D93F52794BD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js
Frame ID: AB38A2B7012E0C86D4372B2761A003BB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js
Frame ID: F88576DDA89B71056A863538BE75FD13
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js
Frame ID: 3533A04B0526A5BDDA839F119B3D394D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

109
Requests

100 %
HTTPS

61 %
IPv6

25
Domains

35
Subdomains

27
IPs

6
Countries

2766 kB
Transfer

4273 kB
Size

2
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://imperial.instructure.com/eportfolios/15563/Wrath_of_Man__cijeli_films_Prijevodom_na_Hrvatski_2021/Wrath_of_Man__cijeli_films_Prijevodom_na_Hrvatski_2021
Title: https://imperial.instructure.com/eportfolios/15563/Wrath_of_Man__cijeli_films_Prijevodom_na_Hrvatski_2021/Wrath_of_Man__cijeli_films_Prijevodom_na_Hrvatski_2021

Search URL Search Domain Scan URL

URL: https://imperial.instructure.com/eportfolios/15564/Wrath_of_Man__cijeli_films_Prijevodom_na_Hrvatski_2021/Wrath_of_Man__cijeli_films_Prijevodom_na_Hrvatski_2021
Title: https://imperial.instructure.com/eportfolios/15564/Wrath_of_Man__cijeli_films_Prijevodom_na_Hrvatski_2021/Wrath_of_Man__cijeli_films_Prijevodom_na_Hrvatski_2021

Search URL Search Domain Scan URL

URL: https://imperial.instructure.com/eportfolios/15565/Mainstream__cijeli_films_Prijevodom_na_Hrvatski_2021/Mainstream__cijeli_films_Prijevodom_na_Hrvatski_2021
Title: https://imperial.instructure.com/eportfolios/15565/Mainstream__cijeli_films_Prijevodom_na_Hrvatski_2021/Mainstream__cijeli_films_Prijevodom_na_Hrvatski_2021

Search URL Search Domain Scan URL

URL: https://imperial.instructure.com/eportfolios/15566/Benny_Loves_You__cijeli_films_Prijevodom_na_Hrvatski_2021/Benny_Loves_You__cijeli_films_Prijevodom_na_Hrvatski_2021
Title: https://imperial.instructure.com/eportfolios/15566/Benny_Loves_You__cijeli_films_Prijevodom_na_Hrvatski_2021/Benny_Loves_You__cijeli_films_Prijevodom_na_Hrvatski_2021

Search URL Search Domain Scan URL

URL: https://imperial.instructure.com/eportfolios/15567/The_Water_Man__cijeli_films_Prijevodom_na_Hrvatski_2021/The_Water_Man__cijeli_films_Prijevodom_na_Hrvatski_2021
Title: https://imperial.instructure.com/eportfolios/15567/The_Water_Man__cijeli_films_Prijevodom_na_Hrvatski_2021/The_Water_Man__cijeli_films_Prijevodom_na_Hrvatski_2021

Search URL Search Domain Scan URL

URL: https://www.dreampirates.in/
Title: DreamPirates

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCnw6mFRxCwCRiwCTIIwAwarVHbLMA HTTP 301
https://tpc.googlesyndication.com/simgad/12925602498586286455

Request Chain 45

https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-157687-884638-9&mkcid=4&mkevt=2&mpt=3861436722&ff18=mWeb&siteid=77&adtype=0&size=1x1&ipn=admain2&placement=529704 HTTP 301
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

Request Chain 63

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUIBne65xaOBXANL2AdOvPdmbOKE7eBXnztnnHNTfJEm-DBx2uQM4uK86itGrz4nk71kwhhiJW-3uu5OquaMN2Kzdgsb6Tg&google_gid=CAESEKym6vRz4TfIRuG3r06SEhA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUkySGFnQUFBYXZwN3hYSw&google_push=AQvitUIBne65xaOBXANL2AdOvPdmbOKE7eBXnztnnHNTfJEm-DBx2uQM4uK86itGrz4nk71kwhhiJW-3uu5OquaMN2Kzdgsb6Tg

Request Chain 64

https://rtb.openx.net/sync/dds?google_gid=CAESEHoNS0MnKcSgIgc94iCbCjw&google_cver=1&google_push=AQvitUKe9v9vPL0a7yVewzKOVFvPxkYH2Es90NUt6N89IkET7L2xI8MYSDoavnAH4Nu-osVUAm0YLha0fU02XAcOGJ4jfqQK-A HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEHoNS0MnKcSgIgc94iCbCjw&google_cver=1&google_push=AQvitUKe9v9vPL0a7yVewzKOVFvPxkYH2Es90NUt6N89IkET7L2xI8MYSDoavnAH4Nu-osVUAm0YLha0fU02XAcOGJ4jfqQK-A&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKe9v9vPL0a7yVewzKOVFvPxkYH2Es90NUt6N89IkET7L2xI8MYSDoavnAH4Nu-osVUAm0YLha0fU02XAcOGJ4jfqQK-A&google_hm=FHf1urDtwfYSux9wbzn_EA==

Request Chain 65

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFk3gr4b8Hndqgypy_3NZnE&google_cver=1&google_push=AQvitUKCQuWPm6uyyb6LkBJpQyJCEnIoWACJN0nCezuA0BkaxURg1ux4tNPVT6wFEy0Csc3JkAiE_99UqV8VFO0VDFmJTSN5j6k HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFk3gr4b8Hndqgypy_3NZnE&google_cver=1&google_push=AQvitUKCQuWPm6uyyb6LkBJpQyJCEnIoWACJN0nCezuA0BkaxURg1ux4tNPVT6wFEy0Csc3JkAiE_99UqV8VFO0VDFmJTSN5j6k&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=u9jUB23PT_umvsoeiwZUzw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKCQuWPm6uyyb6LkBJpQyJCEnIoWACJN0nCezuA0BkaxURg1ux4tNPVT6wFEy0Csc3JkAiE_99UqV8VFO0VDFmJTSN5j6k

Request Chain 66

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENYvETZ_Znwi5JAXz-vDw1M&google_cver=1&google_push=AQvitUKwRQXZYEgoe5DZbTLFbzeeFQsZMzIsdxtlomGN77QnFFqobjpv-1enTmSVEjOjMHpO3YwBTnXRlHVVTnC3qnrdMjPUFo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081Wkg3QkstNi00NUZJ&google_push=AQvitUKwRQXZYEgoe5DZbTLFbzeeFQsZMzIsdxtlomGN77QnFFqobjpv-1enTmSVEjOjMHpO3YwBTnXRlHVVTnC3qnrdMjPUFo4

Request Chain 67

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBssU4wFUWuisV4Ze49berU&google_cver=1&google_push=AQvitUK0ythgYy1a-5E4otXwm0fu8p78XsvqJ62xXx2u5KQqXWyzjiHpiyBn6NCiSAgU8SlX6LLT6L31zL2bm0Iz2eCXDVUsWg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBssU4wFUWuisV4Ze49berU&google_cver=1&google_push=AQvitUK0ythgYy1a-5E4otXwm0fu8p78XsvqJ62xXx2u5KQqXWyzjiHpiyBn6NCiSAgU8SlX6LLT6L31zL2bm0Iz2eCXDVUsWg&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI2Hap8OaJDsK3dyY9mevgAABHMAAAAB&google_cver=1&google_gid=CAESEBssU4wFUWuisV4Ze49berU&google_push=AQvitUK0ythgYy1a-5E4otXwm0fu8p78XsvqJ62xXx2u5KQqXWyzjiHpiyBn6NCiSAgU8SlX6LLT6L31zL2bm0Iz2eCXDVUsWg

Request Chain 68

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEON8qvEBrrMe8aMmBGTSXc8&google_cver=1&google_push=AQvitUL_WqeGOgsVUzFZ9LRNo1NjlaYxZI9zpXXMPTBfY7cSoKZg6-XuToBrnPv2rbz9rGdZ4vRmCEcEOT_RPvJsNu1pi9YdZbrK HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUL_WqeGOgsVUzFZ9LRNo1NjlaYxZI9zpXXMPTBfY7cSoKZg6-XuToBrnPv2rbz9rGdZ4vRmCEcEOT_RPvJsNu1pi9YdZbrK&google_hm=1dneaywivkqvnmfllxrkobxbbymc

Request Chain 92

https://d.agkn.com/pixel/2175/?google_gid=CAESELqz3T1R-hMPcCDlazMBYic&google_cver=1&google_push=AQvitULxhck7j0eyW9mG68hKVsnpipKaeSI44VmPlcKEIxJezFGnYiEpqCFZtSYAMF0bPENH_rBjEtzIVYZTZ3uHfv1X4yZpw0T6mA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitULxhck7j0eyW9mG68hKVsnpipKaeSI44VmPlcKEIxJezFGnYiEpqCFZtSYAMF0bPENH_rBjEtzIVYZTZ3uHfv1X4yZpw0T6mA&google_hm=Q0FFU0VMcXozVDFSLWhNUGNDRGxhek1CWWlj

Request Chain 93

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUITm-fJ_Iq6heXiJIOzmORSLhuquboYTU9rqC7D1xrbzgNGbwuuqoy1kv13FMVyJUtbGrluyNdME-NE0eC6HleZux8ko9J1Ig&google_gid=CAESEO7vXryRqP0umZz_GxcVwP8&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOqOtoQGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BUXZpdFVJVG0tZkpfSXE2aGVYaUpJT3ptT1JTTGh1cXVib1lUVTlycUM3RDF4cmJ6Z05HYnd1dXFveTFrdjEzRk1WeUpVdGJHcmx1eU5kTUUtTkUwZUM2SGxlWnV4OGtvOUoxSWc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSzhmT1hMTjZ5cUktYXZKNlgyZnVrUEEzMzFmNURJc0Jnb3hlSWtmbXVxYw==&google_push

Request Chain 94

https://rtb.openx.net/sync/dds?google_gid=CAESELawCf9COsR4BTQqLmnDqtw&google_cver=1&google_push=AQvitUKi-f18ua1y7HlammoFdIW_mg6l60UzLRBwuJSsDpmnq3QvxO0PqH0vOW9ZOlMe67u-iZ3hWhdLfkl4_KalssjO9jk6v4b2lg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKi-f18ua1y7HlammoFdIW_mg6l60UzLRBwuJSsDpmnq3QvxO0PqH0vOW9ZOlMe67u-iZ3hWhdLfkl4_KalssjO9jk6v4b2lg&google_hm=FHf1urDtwfYSux9wbzn_EA==

Request Chain 95

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENEvJQsJsny5U8_4r1O6h_Q&google_cver=1&google_push=AQvitUKoP58SGSLNDCXbumYNm3q4rAu5gl7hhZdgNNt_A1zGtgswRKe3NJheK-tknUUnW2YHQqwCayJZS3JJvkpPjlIsqsKK-A3Vcg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENEvJQsJsny5U8_4r1O6h_Q&google_cver=1&google_push=AQvitUKoP58SGSLNDCXbumYNm3q4rAu5gl7hhZdgNNt_A1zGtgswRKe3NJheK-tknUUnW2YHQqwCayJZS3JJvkpPjlIsqsKK-A3Vcg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Bkx2SiJaQjGRNKfHGtoGXA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKoP58SGSLNDCXbumYNm3q4rAu5gl7hhZdgNNt_A1zGtgswRKe3NJheK-tknUUnW2YHQqwCayJZS3JJvkpPjlIsqsKK-A3Vcg

Request Chain 96

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDqzoxETd7NhtANxuxUbxFk&google_cver=1&google_push=AQvitUK5t9eASjVIJMjcxS5c--fEfOdyrRbN8_mRFotWzIsuYhb7LqcdZSzfYeaVVMzZ_dU_T-sGBUPDtz3uIP9HrxVflDd7TrVRJg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081Wkg3RVUtRC1JRkw0&google_push=AQvitUK5t9eASjVIJMjcxS5c--fEfOdyrRbN8_mRFotWzIsuYhb7LqcdZSzfYeaVVMzZ_dU_T-sGBUPDtz3uIP9HrxVflDd7TrVRJg

Request Chain 97

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELycRLvVG1zdCFTCE0tB5fQ&google_cver=1&google_push=AQvitUIww-5wyv74B7vDCbz4JAb_tKtkbvSPU-yxUQ5wwBlK1q7s6cIQ37cLnUStSlUhVVNccUiSQ7X1VttDutsKlLIyphfBVKZjgA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELycRLvVG1zdCFTCE0tB5fQ&google_cver=1&google_push=AQvitUIww-5wyv74B7vDCbz4JAb_tKtkbvSPU-yxUQ5wwBlK1q7s6cIQ37cLnUStSlUhVVNccUiSQ7X1VttDutsKlLIyphfBVKZjgA&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI2HavFJkhMDiA1nev7wzAAABKUAAAAB&google_push=AQvitUIww-5wyv74B7vDCbz4JAb_tKtkbvSPU-yxUQ5wwBlK1q7s6cIQ37cLnUStSlUhVVNccUiSQ7X1VttDutsKlLIyphfBVKZjgA&google_gid=CAESELycRLvVG1zdCFTCE0tB5fQ&google_cver=1

Request Chain 100

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

109 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request behind-ngolo-kantes-smile-01-05-2021 Show response
www.guest-articles.com/sports/ 26 KB
8 KB 240ms
210ms Document
text/html 2606:4700:3035::ac43:8e67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guest-articles.com/sports/behind-ngolo-kantes-smile-01-05-2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.11
Resource Hash: a765a284649afbb909b6d12da5a089ae26f59cbeb6f7a247f0cf6ac5c896bba2

Request headers

:method: GET
:authority: www.guest-articles.com
:scheme: https
:path: /sports/behind-ngolo-kantes-smile-01-05-2021
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:56 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d951e2016a763d3d9a3dc8a2212f7b4451619887976; expires=Mon, 31-May-21 16:52:56 GMT; path=/; domain=.guest-articles.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=eb48abe58779a6a5c413e8fb21fc65dc; path=/; secure
x-powered-by: PHP/7.4.11
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 09ca72090000004aaac2078000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fKIeTSvYaAiWA%2BMh%2BMffLEbnt7xgE3X2XDxp6JMJ80pSL4fQYXPobYuRUjcK1E03KddSRfwibLEulNZ7P422bL%2F3K70H38GgCK7%2BYK5qm4hzD1mA4I5O0UtYGyvviQi7D80e"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 648a85ee6d6f4aaa-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 bootstrap.min.css
www.guest-articles.com/admin/css/ 156 KB
21 KB 36ms
24ms Stylesheet
text/css 2606:4700:3035::ac43:8e67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guest-articles.com/admin/css/bootstrap.min.css
Requested by: Host: www.guest-articles.com
URL: https://www.guest-articles.com/sports/behind-ngolo-kantes-smile-01-05-2021
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

:path: /admin/css/bootstrap.min.css
pragma: no-cache
cookie: __cfduid=d951e2016a763d3d9a3dc8a2212f7b4451619887976; PHPSESSID=eb48abe58779a6a5c413e8fb21fc65dc
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guest-articles.com
referer: https://www.guest-articles.com/sports/behind-ngolo-kantes-smile-01-05-2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guest-articles.com/sports/behind-ngolo-kantes-smile-01-05-2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 733117
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ca7209e00000c2bd28a88000000001
last-modified: Wed, 22 Apr 2020 15:09:45 GMT
server: cloudflare
etag: W/"26f1b-5ea05e39-9654748b9919a61a;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b313KfELfEAHgwKd6DKwu%2FSVq4plsNvusTc1KG%2FzWLNPNHmo67b7UoC7j8OYtPgd5HaObJdCdq6eyakVh41IvB0PwezSZvwXdQwy7IDy7YiAeZgdP4TSHdn5I23yBn%2BVObp1"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 648a85efc8e2c2bd-FRA
expires: Sun, 23 May 2021 05:14:19 GMT

GET
H3-29 200 logo2.png
www.guest-articles.com/ 4 KB
5 KB 29ms
17ms Image
image/png 2606:4700:3035::ac43:8e67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guest-articles.com/logo2.png
Requested by: Host: www.guest-articles.com
URL: https://www.guest-articles.com/sports/behind-ngolo-kantes-smile-01-05-2021
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5efb0fac9c1b8228cefdcb4ac500cabd7d95507bb50e4acfe16e510303561db7

Request headers

:path: /logo2.png
pragma: no-cache
cookie: __cfduid=d951e2016a763d3d9a3dc8a2212f7b4451619887976; PHPSESSID=eb48abe58779a6a5c413e8fb21fc65dc
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.guest-articles.com
referer: https://www.guest-articles.com/sports/behind-ngolo-kantes-smile-01-05-2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guest-articles.com/sports/behind-ngolo-kantes-smile-01-05-2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 733117
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4363
cf-request-id: 09ca7209e00000c2bde5a00000000001
last-modified: Thu, 26 Dec 2019 10:06:17 GMT
server: cloudflare
etag: "110b-5e048619-7fa20e768bf2fb9c;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n%2BMrGr0rFne8acf9Wfj47FalHuqiJun2Gj1MMrUPiMJ2oA8BBJ7DvV3PMEhZ%2BPDkP%2BDqQLfEzPRZztTezF%2BeH9VXO0jP80cQ9K5NKcRubg87vXpScEGxNaaOIebraohaQa9b"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 648a85efc8e4c2bd-FRA
expires: Sat, 23 Apr 2022 05:14:19 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 24ms
9ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.guest-articles.com
URL: https://www.guest-articles.com/sports/behind-ngolo-kantes-smile-01-05-2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
cf-request-id: 09ca7209e300004e1f7fb63000000001
last-modified: Fri, 30 Apr 2021 09:06:15 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"608bc887-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E%2BCJ33HDTrE7o2SOcQwAFaHkuFExXySDX4%2FCQVvMXcK%2Fng%2FMEEwArXFWai4xwzHTEK6IxfD3vVWZI5Dtlx7iHMF%2B9p2%2BsnPia%2BRs12sVPfdgFmj79GZw2vDZgE0puoqA"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 648a85efd8064e1f-FRA
expires: Mon, 03 May 2021 16:52:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-66414585-12

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a900be1d59c6dbaf1e5f0caece75c5b1478693af60d2ea909a8af71f017192fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36771
x-xss-protection: 0
expires: Sat, 01 May 2021 16:52:56 GMT

GET
H3-29 200 bootstrap.min.js Show response
www.guest-articles.com/admin/js/ 59 KB
15 KB 22ms
21ms Script
application/x-javascript 2606:4700:3035::ac43:8e67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guest-articles.com/admin/js/bootstrap.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Request headers

:path: /admin/js/bootstrap.min.js
pragma: no-cache
cookie: __cfduid=d951e2016a763d3d9a3dc8a2212f7b4451619887976; PHPSESSID=eb48abe58779a6a5c413e8fb21fc65dc
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guest-articles.com
referer: https://www.guest-articles.com/sports/behind-ngolo-kantes-smile-01-05-2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guest-articles.com/sports/behind-ngolo-kantes-smile-01-05-2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 123155
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ca7209f20000c2bd45242000000001
last-modified: Wed, 22 Apr 2020 15:09:45 GMT
server: cloudflare
etag: W/"ea6a-5ea05e39-8519513de6195075;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=klLcO2O9mrE0a5JNQjgZ7%2B02e9RyxHZ00C408o1ZPr2Eap4U02iWYrvJPC%2BXAQvW%2FvRDGW9qj%2BrGPneXGkuHhaL5ZiPncoh9adlrx4VYriK9H%2BXUnqGaFLo08bAHl4XL%2Brn3"}],"max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 648a85efe908c2bd-FRA
expires: Fri, 07 May 2021 06:40:21 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 44ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf3913065b4e4c05bbfe5b261b6227f79b5ae3b9ece80c90da9527e1b7920ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47851
x-xss-protection: 0
server: cafe
etag: 9950050495859225628
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 01 May 2021 16:52:56 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 23ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Origin: https://www.guest-articles.com
Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:56 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1619887976.dop239.fr8.t,1619887976.cds236.fr8.hc,1619887976.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 24-12-2019-4996-football-ball-exercise-water-abstraction.jpg
www.dreampirates.in/wallpaper/sport/img/ 1 MB
1 MB 81ms
52ms Image
image/jpeg 2606:4700:3033::ac43:bbe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dreampirates.in/wallpaper/sport/img/24-12-2019-4996-football-ball-exercise-water-abstraction.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:bbe6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f02dc4a0fb470b98e7f7742a93f1ed363b8184c89ce695a97c63ad75a45bf35d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:57 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1526661
cf-request-id: 09ca720a63000063ad8ca2a000000001
last-modified: Tue, 24 Dec 2019 17:26:21 GMT
server: cloudflare
etag: "174b85-5e024a3d-2414c1d90b3ef93d;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j5YDCFaBg%2FN4cL7yjKbtlr6mk2uDca%2FkCYsqoSYAraqi2Hci74wm8wgWSy2Umv2pDE6sOSssQuq2qtPc%2Bckk3WtF%2B3f%2FDJHRVkBHOgZ%2Ff6%2BpHIQKKZiGS01eRce0djyL"}]}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 648a85f09d3963ad-FRA
expires: Sun, 01 May 2022 16:52:57 GMT

GET
H2 404 5049anthony-martial_169.jpeg.webp
img.guest-articles.com/15-02-2021/ 0
0 46ms
36ms Image
text/html 2606:4700:3035::ac43:8e67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.guest-articles.com/15-02-2021/5049anthony-martial_169.jpeg.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf3913065b4e4c05bbfe5b261b6227f79b5ae3b9ece80c90da9527e1b7920ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47851
x-xss-protection: 0
server: cafe
etag: 9950050495859225628
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 01 May 2021 16:52:57 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/ 223 KB
82 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5395059096458965&plah=www.guest-articles.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84347
x-xss-protection: 0
server: cafe
etag: 8033165652557143678
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 01 May 2021 16:52:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/ Frame ADD5 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210428/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guest-articles.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guest-articles.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 01 May 2021 01:20:46 GMT
expires: Sat, 15 May 2021 01:20:46 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 55931
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
45 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3ZP9LWFNVK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-66414585-12

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

982fa18d3f3f2c0e473a172c5cc0a327b9f57fc98f78c56a5b0b4ec9a132cd8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46080
x-xss-protection: 0
expires: Sat, 01 May 2021 16:52:57 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
645 B 167ms
75ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.guest-articles.com&callback=_gfp_s_&client=ca-pub-5395059096458965

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5395059096458965&plah=www.guest-articles.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

870262eae24ba5935609592a8ee206eed118631d869f05f22c579dd68f89046e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 36ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.guest-articles.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 16:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 36ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.guest-articles.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 16:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0851 74 KB
24 KB 615ms
601ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&slotname=2708305463&adk=3098185010&adf=4134371643&pi=t.ma~as.2708305463&w=1110&fwrn=4&fwrnh=100&lmt=1619887977&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977058&bpp=13&bdt=146&idt=58&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6103576995356&frm=20&pv=2&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=L5MYB6nWSZ&p=https%3A//www.guest-articles.com&dtd=78

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e89cc5c0e0e4a0368f0578542ac3dddb9a3a7a26caa05c950fdc14e664799fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&slotname=2708305463&adk=3098185010&adf=4134371643&pi=t.ma~as.2708305463&w=1110&fwrn=4&fwrnh=100&lmt=1619887977&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977058&bpp=13&bdt=146&idt=58&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6103576995356&frm=20&pv=2&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=L5MYB6nWSZ&p=https%3A//www.guest-articles.com&dtd=78
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guest-articles.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guest-articles.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 01 May 2021 16:52:57 GMT
server: cafe
content-length: 24113
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 01-May-2021 17:07:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 16:52:57 GMT
cache-control: private

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 33ms
18ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210428&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb40a1d4b9c6d445d0837e4365195a058d3839f047371aa0154e6b5b4682fb78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 16:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782026698183"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27954
x-xss-protection: 0
expires: Sat, 01 May 2021 16:52:57 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E32D 405 B
226 B 329ms
326ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=200&slotname=1334335573&adk=2515041999&adf=3622349434&pi=t.ma~as.1334335573&w=823&fwrn=4&lmt=1619887977&rafmt=11&psa=0&format=823x200&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977071&bpp=3&bdt=160&idt=73&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=246&ady=868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cHQnIeqp3P&p=https%3A//www.guest-articles.com&dtd=77

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39e8d28a2e8baf41eab5e672b847a33681531a0f8b0889292936fe95e1e81b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&h=200&slotname=1334335573&adk=2515041999&adf=3622349434&pi=t.ma~as.1334335573&w=823&fwrn=4&lmt=1619887977&rafmt=11&psa=0&format=823x200&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977071&bpp=3&bdt=160&idt=73&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=246&ady=868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cHQnIeqp3P&p=https%3A//www.guest-articles.com&dtd=77
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guest-articles.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guest-articles.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 01 May 2021 16:52:57 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 01-May-2021 17:07:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 16:52:57 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 476C 71 KB
24 KB 658ms
657ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=600&slotname=3832140286&adk=234751482&adf=1468885513&pi=t.ma~as.3832140286&w=253&fwrn=4&fwrnh=100&lmt=1619887977&rafmt=1&psa=0&format=253x600&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977074&bpp=1&bdt=163&idt=75&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9rGWWuQ9Sm&p=https%3A//www.guest-articles.com&dtd=78

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d832a6d9c0aaf3dabad65dc20c637d4b2c025500f987e3eb21dbdf367df1e26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&h=600&slotname=3832140286&adk=234751482&adf=1468885513&pi=t.ma~as.3832140286&w=253&fwrn=4&fwrnh=100&lmt=1619887977&rafmt=1&psa=0&format=253x600&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977074&bpp=1&bdt=163&idt=75&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9rGWWuQ9Sm&p=https%3A//www.guest-articles.com&dtd=78
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guest-articles.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guest-articles.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 01 May 2021 16:52:57 GMT
server: cafe
content-length: 24088
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 01-May-2021 17:07:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 16:52:57 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8F57 16 KB
1 KB 80ms
80ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&adk=1812271804&adf=3025194257&lmt=1619887977&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977078&bpp=1&bdt=166&idt=76&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200%2C253x600&nras=1&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=82

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54b14d96cebf1df7986d63b77b853ba6aff246a5a70f686b3080b86df5b153bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&adk=1812271804&adf=3025194257&lmt=1619887977&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977078&bpp=1&bdt=166&idt=76&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200%2C253x600&nras=1&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=82
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guest-articles.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guest-articles.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 01 May 2021 16:52:57 GMT
server: cafe
content-length: 1192
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 01-May-2021 17:07:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 16:52:57 GMT
cache-control: private

POST
H2 204 collect
www.google-analytics.com/g/ 0
106 B 13ms
12ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3ZP9LWFNVK&gtm=2oe4l3&_p=881080338&sr=1600x1200&ul=en-us&cid=1378782914.1619887977&_s=1&dl=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&dt=Behind%20NGolo%20Kantes%20Smile%20%7C%20Guest%20Articles&sid=1619887977&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3ZP9LWFNVK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guest-articles.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-66414585-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4342
date: Sat, 01 May 2021 15:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 01 May 2021 17:40:35 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 01 May 2021 16:52:57 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=881080338&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&ul=en-us&de=UTF-8&dt=Behind%20NGolo%20Kantes%20Smile%20%7C%20Guest%20Articles&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=964583793&gjid=1284110738&cid=1378782914.1619887977&tid=UA-66414585-12&_gid=885387963.1619887977&_r=1&gtm=2ou4l3&z=831458190

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guest-articles.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 3461 12 KB
5 KB 21ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guest-articles.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guest-articles.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 01 May 2021 16:12:29 GMT
expires: Sun, 01 May 2022 16:12:29 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2428
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.guest-articles.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 16:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.guest-articles.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 16:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4133 84 KB
26 KB 351ms
351ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=4045866511&pi=t.aa~a.416591285~i.4~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=-M&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0&nras=2&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oEM52jDFPD&p=https%3A//www.guest-articles.com&dtd=18

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bec548677c704432d13e6e69c14a1ede1ff1c1d668caf767ae88cf10b77694a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=4045866511&pi=t.aa~a.416591285~i.4~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=-M&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0&nras=2&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oEM52jDFPD&p=https%3A//www.guest-articles.com&dtd=18
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guest-articles.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guest-articles.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 01 May 2021 16:52:57 GMT
server: cafe
content-length: 26968
x-xss-protection: 0
set-cookie: IDE=AHWqTUm7P9mlbXmET4YSnp8g_sTU0pK9OyaixGFuJTcKSYtY7ppJQw3uOlDOsnuSQAc; expires=Thu, 26-May-2022 16:52:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 16:52:57 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4BB8 60 KB
23 KB 365ms
365ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef5ce6a7326d7b0c7b430da894fff16486f5f3dc7494549bc598fe2f6c572cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guest-articles.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guest-articles.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 01 May 2021 16:52:57 GMT
server: cafe
content-length: 23985
x-xss-protection: 0
set-cookie: IDE=AHWqTUkctAtxCowrCAqlHcCfmcqER22i5srXR1xf43h0hczFPZuEPZiMctu0Cq1eZv0; expires=Thu, 26-May-2022 16:52:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 16:52:57 GMT
cache-control: private

GET
H3-29 200 JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 3461 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

271b52536dd08a5712dc7ab577de4f9f2fd8641bd5538177ee783e3579f79f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 109243
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5669
x-xss-protection: 0
expires: Sat, 30 Apr 2022 10:32:14 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210428&jk=415677829569616&bg=!U1ClUBTNAAZLnZBaS507ACkAdvg8WlfGQy0nP2VT3uYL-K-i2BDtrzRc7FTlj_oXe30RasxkDX6SHAIAAABUUgAAAA5oAQcKABPEJETCqhXRrEY-KGkvhcXi1kE7mQJJ7sJM3x8_PD25ndkVkcwyMNGivnOluh5ZEp-DPKNnr3OkeF4_JGVnwhE8JoY879nr99xmsXR9UaophYmQMWiP9GS2MVuZGr2d7OWh5Qg7_yKWDVSRk5rNWnvYseyD2KZp5BQ7lfMnssrXxdYHqt-VUvp79mXw6HYnSCaoV4x1Lj2mqYAA7Hngk09CBGS8CWqSn5pH3uw8JJ8VN0RlB0K_tfIZp5dX9gJ2TWNnhBo-KGNysUG2sOIobemzsnA_mJP3z1bSi0cGOw45WTmuyNFhvIF3AZGOmjqk8Y8zSnXTTfTWAbixaYHcpWRwflLNDj0gYRBC3TwRtT5x-Ls3NxB2kcTDipukvoxx4lWVvfmihy4A8v2VTkLMYtFv968YPM5SE_jn-iP-2KaWiDP3rPC6QtphOuJTOLE-uqhcou45DBG84eqBsqLyN-aSixhlElWGKRePlDdGHmlNz7HJcse1A3_AycWZTnAsKCsd7b-dwx4aO1CeEt-JvU26jWI8pzrc6FdZebYd_MbwxM-CQ-vIs1eOcFmzbayd3z0yG0c3xRsbWydgrPy7DgWy9ThydWazwfmBGoHJCEhuBUEXldBtsjQ9OekuorRF8TW2F1Km_SV2EtZJUmXdt_lzCWA4KPt0zgm8DnFUR1gvzVul5x3MDiVGAZ7y8KrnyekU0zIov3S7ymuOB31QwmwpMw0E3rp88wyh7W2aG70jiLHyIT17J_wvYsHx1HOCTakie1quLnD6keTXE1IJzTzssnSpB7-GEGvYc4POCdmh

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4133 2 KB
627 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=4045866511&pi=t.aa~a.416591285~i.4~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=-M&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0&nras=2&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oEM52jDFPD&p=https%3A//www.guest-articles.com&dtd=18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 01 May 2021 16:10:03 GMT
server: ESF
date: Sat, 01 May 2021 16:52:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 May 2021 16:52:57 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 4133 1 KB
909 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 16:27:39 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 4133 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 16:49:41 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 4133 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 16:52:34 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4133 116 KB
35 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 16:52:57 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 4133 13 KB
5 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 16:51:45 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4133 0
0 15ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvDN0ISm19_-mbelR___SHQA-KomEvToLa267KKoiQ-DocSswjXXPW9GWZKXCPQ0hrLlGXwCfqEMjyorbXh0gCTQXoiQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=4045866511&pi=t.aa~a.416591285~i.4~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=-M&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0&nras=2&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oEM52jDFPD&p=https%3A//www.guest-articles.com&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 95e6c1f88e21b7366c50a3f905bff199.js Show response
www.gstatic.com/mysidia/ Frame 4133 25 KB
11 KB 28ms
5ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/95e6c1f88e21b7366c50a3f905bff199.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 13:01:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 00:12:13 GMT
server: sffe
age: 273071
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
expires: Tue, 27 Jul 2021 13:01:46 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 4133 38 KB
38 KB 27ms
5ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSqWVniC4OgnAkeQYoYOZwB75x-NIWxLW7sfWB3RzZQrQGKO4VL1zUVP3HA1A&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f1d101e539c87c8b7394b39152fc4fb0b90c6491889830bb0a8c0136bdae61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 02:03:12 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Dec 2020 06:29:42 GMT
server: sffe
age: 226185
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38514
x-xss-protection: 0
expires: Fri, 29 Apr 2022 02:03:12 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 4133 51 KB
51 KB 34ms
13ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ5HLj4B_jP23QzLk21f4ykAoGgXRn096CbYwgA2hDg2FH-67kWRybEuPHhAw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15ea07ec1d48b48a32d09d0e16ba78c3ccd455506de302473f681d0d2dedaf91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sat, 24 Oct 2020 08:34:37 GMT
server: sffe
age: 542959
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51781
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 4133 26 KB
27 KB 31ms
6ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSfer_wPLooPUJ-HerL7ao-5lEpCw9OkgO6VL3d3LnDLpTOmmWNV6XisWoRmA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9d2aab9984a7518beab5f3913f373275d6f870b1f64503c346615afb4221ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 03:57:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2019 14:06:48 GMT
server: sffe
age: 132953
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26795
x-xss-protection: 0
expires: Sat, 30 Apr 2022 03:57:04 GMT

GET
H3-29

200

12925602498586286455
tpc.googlesyndication.com/simgad/ Frame 4133
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCnw6mFRxCwCRiwCTIIwAwarVHbLMA
https://tpc.googlesyndication.com/simgad/12925602498586286455

93 KB
93 KB

8ms
7ms

Image
image/jpeg

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12925602498586286455

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2780027c5d6e248dacc3b2b78e52f91f2ebbe919c329aa80035ae5430e0573a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
age: 542959
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95649
x-xss-protection: 0
last-modified: Tue, 07 Jan 2020 21:29:41 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Apr 2022 10:03:38 GMT

Redirect headers

timing-allow-origin: *
date: Sat, 01 May 2021 15:35:31 GMT
x-content-type-options: nosniff
server: cafe
age: 4646
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/12925602498586286455
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 31 May 2021 15:35:31 GMT

GET
H2

200

view_pixel_1x1.gif Show response
secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/ Frame 4133
Redirect Chain

https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-157687-884638-9&mkcid=4&mkevt=2&mpt=3861436722&ff18=mWeb&siteid=77&adtype=0&size=1x1&ipn=admain2&placement=529704
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

43 B
487 B

146ms
51ms

Fetch
image/gif

184.30.25.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.25.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-25-27.deploy.static.akamaitechnologies.com

Software

ebay server /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

suppress-x-frame-options: true
content-encoding: gzip
x-content-type-options: nosniff
x-cache-lookup: HIT from include-cache-0:80
akamai-grn: 0.96247e68.1619887978.7c980cb
content-length: 57
x-xss-protection: 1; mode=block
server: ebay server
date: Sat, 01 May 2021 16:52:58 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
rlogid: t6q%60uebwh%3D9iptq%60uebwh*agt3q%28rbpv670%3D-1756a7c1418-0xd7
access-control-allow-headers: *
expires: Sun, 01 May 2022 16:52:58 GMT

Redirect headers

Date: Sat, 01 May 2021 16:52:58 GMT
Strict-Transport-Security: max-age=31536000
Location: https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
Cache-Control: private,no-cache,no-store
RlogId: t6baubqsodf%3F%3Ctofgcp%60tqjfc*oir%3F1%28rbpv6770-17928d8f78e-0x2361
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 0

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4133 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5ctPaYeNYPjFFoChmLAPvOOiGI25zZFizMfQ__0L84K2oKwYEAEghK_RI2CVAqAB7YPNwQPIAQmpAg5Mg9KHKrQ-qAMByAPLBKoE4QFP0PiDW4mASsiqEAeSiX_078fn85T_fdUOdifC_VRhMY48ulu3GH1zcIVPqu4dwSxkISxCdbtaweQ5Ev2wQeG0mwgnYpzIb5q3u9nCP1hKmbxQmS6gtN72YOYU_5Nu3MxKm2B3lI23xnVjfIABOLxJ47JuaqvEXitIHx-mrTIhKKXSLTnugzSwYSz4365qtuz7ZgzL7pIi9qQveTErO84USYPLTrNj5FBqDxkFa8KaeDSti9YN_NhMxQ7J2rnyMNCfOTNbAixsjUhcwvpHQxRVBg2qZaKTxI5LyYrIr4ZOw0XABPaHt_vBApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf7-7I-qAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDi_wjSCAkIgOGAEBABGB-ACgHICwHYEwuIFAWYFgGyFxoKGAgAEhRwdWItNTM5NTA1OTA5NjQ1ODk2NQ&sigh=Q4NFjx3Mvwk&template_id=494

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=4045866511&pi=t.aa~a.416591285~i.4~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=-M&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0&nras=2&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oEM52jDFPD&p=https%3A//www.guest-articles.com&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 01 May 2021 16:52:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7C8C 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 01 May 2021 06:38:34 GMT
expires: Sun, 02 May 2021 06:38:34 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 36863
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 11228573359447230318
tpc.googlesyndication.com/daca_images/simgad/ Frame 4BB8 134 KB
134 KB 11ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/11228573359447230318

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d13d6e2452182ed1cc3b7763f4b02579a71462f48ae18f963f4d1471462effe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:44:07 GMT
x-content-type-options: nosniff
age: 176930
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137363
x-xss-protection: 0
last-modified: Sat, 13 Feb 2021 06:01:19 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 15:44:07 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 4BB8 17 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 16:49:41 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 4BB8 2 KB
1 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 16:52:34 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4BB8 116 KB
35 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 16:52:57 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 4BB8 13 KB
5 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 16:51:45 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 4BB8 25 KB
10 KB 15ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02aa7720a28f292170a06052b80a192437ed79746b7697daab5bc59d2b8f42bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 12:02:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10468
x-xss-protection: 0
server: cafe
etag: 16391357189745862645
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 12:02:02 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4BB8 0
0 45ms
42ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClRAXaYeNYNzpFqOKmLAPmY2pwA7O86CsYoWnpcnbCL_hHhABIISv0SNglQKgAdrxgfUCyAECqAMByAPJBKoE5QFP0GzCj66zzxhuG7b1Xq6ODpBpzcQsE2-aqKIq_1pN6PfKo7LII9YG4lXgH6RQq_NVqa7QM42dEHT0q7dnNlx-cWXkOitG389Fub_96maLtdCR9T6JcwFw4Ow0fEk0xSsA3R1OoINx2tX6Z4lG7DiDgOwBG6oJLNKjSwS2zuONblxgevMFVjLop0T6YtMXn9veocjVBe1Tq23UldMvFmPTFkp8W6dQHXAxUe1TSNFl3roU9E04C30o6vXDJvE8xHMxB3ZwV5G-wsbO_vrERhBVf0vtLceLYxdqoS2_Atr0nV_-N_y-wATB9oX-ggKSBQQIBBgBkgUECAUYBKAGAoAHjo7-igGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQvagD0ggJCIDhgBAQARgfgAoByAsB2BMMshcaChgIABIUcHViLTUzOTUwNTkwOTY0NTg5NjU&sigh=5OHma1DIui8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 01 May 2021 16:52:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 74E3 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkctAtxCowrCAqlHcCfmcqER22i5srXR1xf43h0hczFPZuEPZiMctu0Cq1eZv0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 01 May 2021 15:56:55 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3362
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 6AF2 247 B
789 B 153ms
49ms Document
text/html 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

0e4c293ff6f0c5b0fc8b74a8ba4b04be62bd1f977a6486ae1487a248ea23f71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-L4Vv8KidWvBxMc246BSBCA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 204
date: Sat, 01 May 2021 16:52:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8BD8 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 01 May 2021 06:38:34 GMT
expires: Sun, 02 May 2021 06:38:34 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 36863
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4133 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c185f0767fb4e2b518664caf04b85067d40c497d0bd8376f3cc5babc1a56fd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 4133 20 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 03:57:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
age: 132944
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Sat, 30 Apr 2022 03:57:13 GMT

GET
DATA 200
OK truncated
/ Frame 4BB8 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1e5f924a3149a5a588368ce260b838e4dfe95f566b5c2e3a0759655a4b61673

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame 0851 3 KB
578 B 28ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&slotname=2708305463&adk=3098185010&adf=4134371643&pi=t.ma~as.2708305463&w=1110&fwrn=4&fwrnh=100&lmt=1619887977&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977058&bpp=13&bdt=146&idt=58&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6103576995356&frm=20&pv=2&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=L5MYB6nWSZ&p=https%3A//www.guest-articles.com&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 01 May 2021 16:15:48 GMT
server: ESF
date: Sat, 01 May 2021 16:52:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 May 2021 16:52:57 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7C8C 35 B
465 B 26ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGMFxmQuMpsRDHVSJ2KOspE&google_cver=1&google_push=AQvitULCwqclR1qZ5-LVWBpVRqw4xj6IkB30vVfF8kXJqcnbuZRXlCEMGXkiN2gSq0e2OibDvpqtjSLjfo2r7ywQL1cf4w5qZ1M

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7C8C
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUIBne65xaOBXANL2AdOvPdmbOKE7eBXnztnnHN...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUkySGFnQUFBYXZwN3hYSw&google_push=AQvitUIBne65xaOBXANL2AdOvPdmbOKE7eBXnztnnHNTfJEm-DBx2uQM4uK86itGrz4nk71kwhhiJW-3uu5OquaMN2Kzdgsb6Tg

170 B
188 B

102ms
51ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUkySGFnQUFBYXZwN3hYSw&google_push=AQvitUIBne65xaOBXANL2AdOvPdmbOKE7eBXnztnnHNTfJEm-DBx2uQM4uK86itGrz4nk71kwhhiJW-3uu5OquaMN2Kzdgsb6Tg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUkySGFnQUFBYXZwN3hYSw&google_push=AQvitUIBne65xaOBXANL2AdOvPdmbOKE7eBXnztnnHNTfJEm-DBx2uQM4uK86itGrz4nk71kwhhiJW-3uu5OquaMN2Kzdgsb6Tg
Date: Sat, 01 May 2021 16:52:58 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7C8C
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEHoNS0MnKcSgIgc94iCbCjw&google_cver=1&google_push=AQvitUKe9v9vPL0a7yVewzKOVFvPxkYH2Es90NUt6N89IkET7L2xI8MYSDoavnAH4Nu-osVUAm0YLha0fU02XAcOGJ4jfqQK-A
https://rtb.openx.net/sync/dds?google_gid=CAESEHoNS0MnKcSgIgc94iCbCjw&google_cver=1&google_push=AQvitUKe9v9vPL0a7yVewzKOVFvPxkYH2Es90NUt6N89IkET7L2xI8MYSDoavnAH4Nu-osVUAm0YLha0fU02XAcOGJ4jfqQK-A&ox...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKe9v9vPL0a7yVewzKOVFvPxkYH2Es90NUt6N89IkET7L2xI8MYSDoavnAH4Nu-osVUAm0YLha0fU02XAcOGJ4jfqQK-A&google_hm=FHf1urDtwfYSux9wbzn_EA==

170 B
188 B

101ms
51ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKe9v9vPL0a7yVewzKOVFvPxkYH2Es90NUt6N89IkET7L2xI8MYSDoavnAH4Nu-osVUAm0YLha0fU02XAcOGJ4jfqQK-A&google_hm=FHf1urDtwfYSux9wbzn_EA==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:57 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKe9v9vPL0a7yVewzKOVFvPxkYH2Es90NUt6N89IkET7L2xI8MYSDoavnAH4Nu-osVUAm0YLha0fU02XAcOGJ4jfqQK-A&google_hm=FHf1urDtwfYSux9wbzn_EA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: ujab7bma06omef7ntjuchi90oc7gktl5

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7C8C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=u9jUB23PT_umvsoeiwZUzw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

52ms
51ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=u9jUB23PT_umvsoeiwZUzw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKCQuWPm6uyyb6LkBJpQyJCEnIoWACJN0nCezuA0BkaxURg1ux4tNPVT6wFEy0Csc3JkAiE_99UqV8VFO0VDFmJTSN5j6k

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=u9jUB23PT_umvsoeiwZUzw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKCQuWPm6uyyb6LkBJpQyJCEnIoWACJN0nCezuA0BkaxURg1ux4tNPVT6wFEy0Csc3JkAiE_99UqV8VFO0VDFmJTSN5j6k
Date: Sat, 01 May 2021 16:52:56 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7C8C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENYvETZ_Znwi5JAXz-vDw1M&google_cver=1&google_push=AQvitUKwRQXZYEgoe5DZbTLFbzeeFQsZMzIsdxtlomGN77QnFFqobjpv-1enTmSVEjOjMHpO3Yw...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081Wkg3QkstNi00NUZJ&google_push=AQvitUKwRQXZYEgoe5DZbTLFbzeeFQsZMzIsdxtlomGN77QnFFqobjpv-1enTmSVEjOjMHpO3YwBTnXRlHVVTnC3qnrdMjPUFo4

170 B
188 B

103ms
53ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081Wkg3QkstNi00NUZJ&google_push=AQvitUKwRQXZYEgoe5DZbTLFbzeeFQsZMzIsdxtlomGN77QnFFqobjpv-1enTmSVEjOjMHpO3YwBTnXRlHVVTnC3qnrdMjPUFo4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081Wkg3QkstNi00NUZJ&google_push=AQvitUKwRQXZYEgoe5DZbTLFbzeeFQsZMzIsdxtlomGN77QnFFqobjpv-1enTmSVEjOjMHpO3YwBTnXRlHVVTnC3qnrdMjPUFo4
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7C8C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBssU4wFUWuisV4Ze49berU&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBssU4wFUWuisV4Ze49berU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI2Hap8OaJDsK3dyY9mevgAABHMAAAAB&google_cver=1&google_gid=CAESEBssU4wFUWuisV4Ze49berU&google_push=AQvitUK0ythgYy1a-5E4otXwm0fu8p78XsvqJ...

170 B
188 B

53ms
52ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI2Hap8OaJDsK3dyY9mevgAABHMAAAAB&google_cver=1&google_gid=CAESEBssU4wFUWuisV4Ze49berU&google_push=AQvitUK0ythgYy1a-5E4otXwm0fu8p78XsvqJ62xXx2u5KQqXWyzjiHpiyBn6NCiSAgU8SlX6LLT6L31zL2bm0Iz2eCXDVUsWg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 01 May 2021 16:52:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI2Hap8OaJDsK3dyY9mevgAABHMAAAAB&google_cver=1&google_gid=CAESEBssU4wFUWuisV4Ze49berU&google_push=AQvitUK0ythgYy1a-5E4otXwm0fu8p78XsvqJ62xXx2u5KQqXWyzjiHpiyBn6NCiSAgU8SlX6LLT6L31zL2bm0Iz2eCXDVUsWg
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 458
Expires: Sat, 01 May 2021 16:52:58 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7C8C
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEON8qvEBrrMe8aMmBGTSXc8&google_cver=1&google_push=AQvitUL_WqeGOgsVUzFZ9LRN...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUL_WqeGOgsVUzFZ9LRNo1NjlaYxZI9zpXXMPTBfY7cSoKZg6-XuToBrnPv2rbz9rGdZ4vRmCEcEOT_RPvJsNu1pi9YdZbrK&google_hm=1dneaywivkqvnmfll...

170 B
329 B

64ms
64ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUL_WqeGOgsVUzFZ9LRNo1NjlaYxZI9zpXXMPTBfY7cSoKZg6-XuToBrnPv2rbz9rGdZ4vRmCEcEOT_RPvJsNu1pi9YdZbrK&google_hm=1dneaywivkqvnmfllxrkobxbbymc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:57 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUL_WqeGOgsVUzFZ9LRNo1NjlaYxZI9zpXXMPTBfY7cSoKZg6-XuToBrnPv2rbz9rGdZ4vRmCEcEOT_RPvJsNu1pi9YdZbrK&google_hm=1dneaywivkqvnmfllxrkobxbbymc
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Fri, 30 Apr 2021 16:52:57 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7C8C 0
236 B 179ms
61ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JaHMJiF6TcMxGY3A5kQC6WYw8E_PqyXizYAaHBLRyNf9TrLEso9E0zd2ZHoUUpAS4om44Ekg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:58 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 0851 1 KB
909 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 16:27:39 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 0851 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 16:49:41 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 0851 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 16:52:34 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0851 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 16:52:57 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 0851 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 16:51:45 GMT

GET
H3-29 200 95e6c1f88e21b7366c50a3f905bff199.js Show response
www.gstatic.com/mysidia/ Frame 0851 25 KB
10 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/95e6c1f88e21b7366c50a3f905bff199.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 13:01:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 00:12:13 GMT
server: sffe
age: 273071
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
expires: Tue, 27 Jul 2021 13:01:46 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4407987455593830475/ Frame 0851 29 KB
29 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4407987455593830475/downsize_200k_v1?w=600&h=314

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96b147c0ef6704b3aaee772034d60f1a311bac6eed3060393aa37c7aaf355068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:58:01 GMT
x-content-type-options: nosniff
age: 161696
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29802
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 16:32:30 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 19:58:01 GMT

GET
DATA 200
OK truncated
/ Frame 0851 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f04e6c626988087b53c8786469394421d0da1356004b60ecee3a4e9391c98c58

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 866F 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

271b52536dd08a5712dc7ab577de4f9f2fd8641bd5538177ee783e3579f79f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 109243
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5669
x-xss-protection: 0
expires: Sat, 30 Apr 2022 10:32:14 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 476C 3 KB
578 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=600&slotname=3832140286&adk=234751482&adf=1468885513&pi=t.ma~as.3832140286&w=253&fwrn=4&fwrnh=100&lmt=1619887977&rafmt=1&psa=0&format=253x600&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977074&bpp=1&bdt=163&idt=75&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9rGWWuQ9Sm&p=https%3A//www.guest-articles.com&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 01 May 2021 16:13:26 GMT
server: ESF
date: Sat, 01 May 2021 16:52:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 May 2021 16:52:57 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0851 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbAZBaYeNYNnaCuXCxgLc5KXoCMjbi8Bihu7tptkNv-iivcABEAEghK_RI2CVAqABh6Kp3ALIAQmoAwHIA8sEqgTgAU_QwqGVJkpBQpo5k84wssj5bDNEXB9j4wI1DSukGDwr9hjLtm50H7WeF_rVwxyD001_ZshXYX0R_z3Oafc6-FF6qe_AROrvoc1lMViNZi-Y14wNtMGV-Le7XOHnlmjEJIEpkm_lfUA8tYgp2qLCpfFGangCRgVhyVm6IrJwiVwtp9jZPgmkDNNZkYc8KQKLaP0N2m51nCWZjjCWUY_pVURdi_otxujK0deayB85ViTDo7irtg3tL6xQRcj3WS42hvMeUJFfhDhrSdTtpvQQnAwxOTwTR5LZ8gY6r9hp0waCwATI3fPOwAOSBQQIBBgBkgUECAUYBKAGLoAHxOe_3gGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ_KAF0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDIgUAbIXGgoYCAASFHB1Yi01Mzk1MDU5MDk2NDU4OTY1&sigh=CmP8fqg4OiY&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&slotname=2708305463&adk=3098185010&adf=4134371643&pi=t.ma~as.2708305463&w=1110&fwrn=4&fwrnh=100&lmt=1619887977&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977058&bpp=13&bdt=146&idt=58&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6103576995356&frm=20&pv=2&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=L5MYB6nWSZ&p=https%3A//www.guest-articles.com&dtd=78
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 01 May 2021 16:52:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 476C 1 KB
909 B 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 16:27:39 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 476C 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 16:49:41 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 476C 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 16:52:34 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 476C 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 16:52:57 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 476C 13 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 16:51:45 GMT

GET
H3-29 200 95e6c1f88e21b7366c50a3f905bff199.js Show response
www.gstatic.com/mysidia/ Frame 476C 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/95e6c1f88e21b7366c50a3f905bff199.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 13:01:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 00:12:13 GMT
server: sffe
age: 273071
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
expires: Tue, 27 Jul 2021 13:01:46 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7255730320823376380/ Frame 476C 5 KB
5 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7255730320823376380/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44c70ec368535ddfefde8c5c6e2c4f1017f53d652a374f95b91da5b1bc410a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:41:11 GMT
x-content-type-options: nosniff
age: 162706
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4782
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 14:10:22 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 19:41:11 GMT

GET
DATA 200
OK truncated
/ Frame 476C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0851 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ae339c425ccf8fafc701d82e11ebd06d3354f8661eb4e26e0c0ab7f6d086dd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 476C 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTJpQaYeNYJPwCovC1waxy7D4C5vts8VimqGTn-kN4ZSoo6MkEAEghK_RI2CVAqABr9PeugHIAQmpAg5Mg9KHKrQ-qAMByAPLBKoE5gFP0Jd_3rbwPOH4Pc7AMeGytIhDCBNRwMdrJdRpCEMQF-YurftpfwFKnJxxGVbGoS3x2rSb__KmCDV8pgwYm-gp0627LxCM0oeCoKumiHGCzkvCsudhPwhqXdPqfVe0SE7pEL6Yg8Ty8yRvXEQD0ML-_l2UjjImqSpde0Znt0zYxhu3-lPC_g__bj-ayUNFT8HnFv6C5q9wy-3rfsKpyDImS2fzF-47BRxEVaSMxsQcZU6Wtf_Lz8hR_ETp9NgfD-zR67PnT4YpO42Oeuotsxoxtb2bX8PDS4FMjUjt1BT58P7zFaKm9sAEhoLGi7sDoAYugAe5rKHFAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDynQHSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMDshcaChgIABIUcHViLTUzOTUwNTkwOTY0NTg5NjU&sigh=M2FyuU2X0lI&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=600&slotname=3832140286&adk=234751482&adf=1468885513&pi=t.ma~as.3832140286&w=253&fwrn=4&fwrnh=100&lmt=1619887977&rafmt=1&psa=0&format=253x600&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977074&bpp=1&bdt=163&idt=75&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9rGWWuQ9Sm&p=https%3A//www.guest-articles.com&dtd=78
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 01 May 2021 16:52:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8BD8 35 B
210 B 10ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOaYGB7PoVcMhLC9COyuxQA&google_cver=1&google_push=AQvitUJBtSCodF9sa8BuJyS4eVX6mIGINaQ6X9uw2cEH6YnGjINIPS1EoMIQlJ843aOTS0bhfZ3KDniFdQS75JgnQO1_K7TR8Hvcig

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:58 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8BD8
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESELqz3T1R-hMPcCDlazMBYic&google_cver=1&google_push=AQvitULxhck7j0eyW9mG68hKVsnpipKaeSI44VmPlcKEIxJezFGnYiEpqCFZtSYAMF0bPENH_rBjEtzIVYZTZ3uHfv1X4yZpw0T6mA
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitULxhck7j0eyW9mG68hKVsnpipKaeSI44VmPlcKEIxJezFGnYiEpqCFZtSYAMF0bPENH_rBjEtzIVYZTZ3uHfv1X4yZpw0T6mA&google_hm=Q0FFU0VMcXozVDFSLWh...

170 B
188 B

52ms
51ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitULxhck7j0eyW9mG68hKVsnpipKaeSI44VmPlcKEIxJezFGnYiEpqCFZtSYAMF0bPENH_rBjEtzIVYZTZ3uHfv1X4yZpw0T6mA&google_hm=Q0FFU0VMcXozVDFSLWhNUGNDRGxhek1CWWlj

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 01 May 2021 16:52:57 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitULxhck7j0eyW9mG68hKVsnpipKaeSI44VmPlcKEIxJezFGnYiEpqCFZtSYAMF0bPENH_rBjEtzIVYZTZ3uHfv1X4yZpw0T6mA&google_hm=Q0FFU0VMcXozVDFSLWhNUGNDRGxhek1CWWlj
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8BD8
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUITm-fJ_Iq6heXiJIOzmORSLhuquboYTU9rqC7D1xrbzgNGbwuuqoy1kv13FMVyJUtbGrluyNdME-NE0eC6HleZux8ko9J1Ig&google_gid=CAESEO7vXryRqP0umZz_GxcVwP8&g...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOqOtoQGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BUXZpdFVJVG0tZkpfSXE2aGVYaUpJT3ptT1JTTGh1cXVib1lUVTlycUM3RDF4cmJ6Z05HYnd1dXFveTFrdjEzRk1WeUpVdGJHcmx1eU5kTUUtTkUwZU...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSzhmT1hMTjZ5cUktYXZKNlgyZnVrUEEzMzFmNURJc0Jnb3hlSWtmbXVxYw==&google_push

170 B
188 B

52ms
51ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSzhmT1hMTjZ5cUktYXZKNlgyZnVrUEEzMzFmNURJc0Jnb3hlSWtmbXVxYw==&google_push

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 01 May 2021 16:52:58 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSzhmT1hMTjZ5cUktYXZKNlgyZnVrUEEzMzFmNURJc0Jnb3hlSWtmbXVxYw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8BD8
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESELawCf9COsR4BTQqLmnDqtw&google_cver=1&google_push=AQvitUKi-f18ua1y7HlammoFdIW_mg6l60UzLRBwuJSsDpmnq3QvxO0PqH0vOW9ZOlMe67u-iZ3hWhdLfkl4_KalssjO9jk6v4b2lg
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKi-f18ua1y7HlammoFdIW_mg6l60UzLRBwuJSsDpmnq3QvxO0PqH0vOW9ZOlMe67u-iZ3hWhdLfkl4_KalssjO9jk6v4b2lg&google_hm=FHf1urDtwfYSux9wbzn_EA==

170 B
188 B

102ms
52ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKi-f18ua1y7HlammoFdIW_mg6l60UzLRBwuJSsDpmnq3QvxO0PqH0vOW9ZOlMe67u-iZ3hWhdLfkl4_KalssjO9jk6v4b2lg&google_hm=FHf1urDtwfYSux9wbzn_EA==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:58 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKi-f18ua1y7HlammoFdIW_mg6l60UzLRBwuJSsDpmnq3QvxO0PqH0vOW9ZOlMe67u-iZ3hWhdLfkl4_KalssjO9jk6v4b2lg&google_hm=FHf1urDtwfYSux9wbzn_EA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 970ugnrs5l1ernfon66rvg9i6c0r4vhn

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8BD8
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Bkx2SiJaQjGRNKfHGtoGXA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Bkx2SiJaQjGRNKfHGtoGXA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKoP58SGSLNDCXbumYNm3q4rAu5gl7hhZdgNNt_A1zGtgswRKe3NJheK-tknUUnW2YHQqwCayJZS3JJvkpPjlIsqsKK-A3Vcg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Bkx2SiJaQjGRNKfHGtoGXA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKoP58SGSLNDCXbumYNm3q4rAu5gl7hhZdgNNt_A1zGtgswRKe3NJheK-tknUUnW2YHQqwCayJZS3JJvkpPjlIsqsKK-A3Vcg
Date: Sat, 01 May 2021 16:52:58 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8BD8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDqzoxETd7NhtANxuxUbxFk&google_cver=1&google_push=AQvitUK5t9eASjVIJMjcxS5c--fEfOdyrRbN8_mRFotWzIsuYhb7LqcdZSzfYeaVVMzZ_dU_T-s...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081Wkg3RVUtRC1JRkw0&google_push=AQvitUK5t9eASjVIJMjcxS5c--fEfOdyrRbN8_mRFotWzIsuYhb7LqcdZSzfYeaVVMzZ_dU_T-sGBUPDtz3uIP9HrxVflDd7TrVRJg

170 B
188 B

55ms
54ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081Wkg3RVUtRC1JRkw0&google_push=AQvitUK5t9eASjVIJMjcxS5c--fEfOdyrRbN8_mRFotWzIsuYhb7LqcdZSzfYeaVVMzZ_dU_T-sGBUPDtz3uIP9HrxVflDd7TrVRJg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081Wkg3RVUtRC1JRkw0&google_push=AQvitUK5t9eASjVIJMjcxS5c--fEfOdyrRbN8_mRFotWzIsuYhb7LqcdZSzfYeaVVMzZ_dU_T-sGBUPDtz3uIP9HrxVflDd7TrVRJg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8BD8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELycRLvVG1zdCFTCE0tB5fQ&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELycRLvVG1zdCFTCE0tB5fQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI2HavFJkhMDiA1nev7wzAAABKUAAAAB&google_push=AQvitUIww-5wyv74B7vDCbz4JAb_tKtkbvSPU-yxUQ5wwBlK1q7s6cIQ37cLnUStSlUhVVNccUiSQ7X1VttDutsKlL...

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI2HavFJkhMDiA1nev7wzAAABKUAAAAB&google_push=AQvitUIww-5wyv74B7vDCbz4JAb_tKtkbvSPU-yxUQ5wwBlK1q7s6cIQ37cLnUStSlUhVVNccUiSQ7X1VttDutsKlLIyphfBVKZjgA&google_gid=CAESELycRLvVG1zdCFTCE0tB5fQ&google_cver=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 01 May 2021 16:52:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI2HavFJkhMDiA1nev7wzAAABKUAAAAB&google_push=AQvitUIww-5wyv74B7vDCbz4JAb_tKtkbvSPU-yxUQ5wwBlK1q7s6cIQ37cLnUStSlUhVVNccUiSQ7X1VttDutsKlLIyphfBVKZjgA&google_gid=CAESELycRLvVG1zdCFTCE0tB5fQ&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Sat, 01 May 2021 16:52:58 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8BD8 0
49 B 61ms
60ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JZd6NVjbUfDYOCmutBdIvQVJiKBJBfOFGLl87cKUhTnRX9gvi4G_iVSrm--XSJ5RLnP11j

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 16:52:58 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 iframe.html Show response
p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 6AF2 4 KB
2 KB 98ms
50ms Document
text/html 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

c3dccfbd7d78afaf89e529d9d8011c10f504a2f5132482679ea3f49ae81a96a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-mnRdThCamIIha9VAB3c9ag' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 1860
date: Sat, 01 May 2021 16:52:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 74E3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkctAtxCowrCAqlHcCfmcqER22i5srXR1xf43h0hczFPZuEPZiMctu0Cq1eZv0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 01 May 2021 16:52:58 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 01-May-2021 17:52:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 16:52:58 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 01 May 2021 16:52:58 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 476C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e614c4dc1ba3cbe234abba5d09eeff2c6aae613623b9ebf77768075d2666294c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 0851 21 KB
21 KB 18ms
16ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 542960
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 0851 21 KB
21 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:13:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 110371
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Sat, 30 Apr 2022 10:13:27 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 476C 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 542960
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 476C 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:13:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 110371
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Sat, 30 Apr 2022 10:13:27 GMT

GET
H3-29 200 JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js Show response
pagead2.googlesyndication.com/bg/ Frame AB38 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

271b52536dd08a5712dc7ab577de4f9f2fd8641bd5538177ee783e3579f79f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 109244
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5669
x-xss-protection: 0
expires: Sat, 30 Apr 2022 10:32:14 GMT

GET
H3-29 200 JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js Show response
pagead2.googlesyndication.com/bg/ Frame F885 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

271b52536dd08a5712dc7ab577de4f9f2fd8641bd5538177ee783e3579f79f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 109244
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5669
x-xss-protection: 0
expires: Sat, 30 Apr 2022 10:32:14 GMT

GET
H3-29 200 JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 3533 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.16~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619887977&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977333&bpp=1&bdt=422&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D717b8812caf6bf91-22b89856f8c700a2%3AT%3D1619887977%3ART%3D1619887977%3AS%3DALNI_MbM8xV8VcFKlslP6tUguWRzVlIkmw&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=d9B49LPESN&p=https%3A//www.guest-articles.com&dtd=23

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

271b52536dd08a5712dc7ab577de4f9f2fd8641bd5538177ee783e3579f79f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 109244
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5669
x-xss-protection: 0
expires: Sat, 30 Apr 2022 10:32:14 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0851 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2zO9c-Ql3tbE2jhreEhgzNw2fvZlOIQ5NvGoGUiwEbO50cSNxtGYckia8pd-QQCVySKdZrFTeSMepXqjhVAOH7CXcFdLnQIedvr2APG8tO9MFkZMLAQ-MRAeubw&sai=AMfl-YTSmGULw1nUfDKsMPk4tx0XJMZIVg9kpm70XT_2bwH3x7dbkXB0jwbQYHbhfc5bAfcDKTQDfxKLjFOL&sig=Cg0ArKJSzMQJXaopqj_XEAE&id=lidar2&mcvt=1000&p=80,245,360,1355&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210430&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3098185010&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1619887977140&dlt=650&rpt=84&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 476C 0
0 42ms
41ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSf08aYeNYJPwCovC1waxy7D4C5vts8VimqGTn-kN4ZSoo6MkEAEghK_RI2CVAqABr9PeugHIAQmpAg5Mg9KHKrQ-qAMBqgTmAU_Ql3_etvA84fg9zsAx4bK0iEMIE1HAx2sl1GkIQxAX5i6t-2l_AUqcnHEZVsahLfHatJv_8qYINXymDBib6CnTrbsvEIzSh4Kgq6aIcYLOS8Ky52E_CGpd0-p9V7RITukQvpiDxPLzJG9cRAPQwv7-XZSOMiapKl17Rme3TNjGG7f6U8L-D_9uP5rJQ0VPwecW_oLmr3DL7et-wqnIMiZLZ_MX7jsFHERVpIzGxBxlTpa1_8vPyFH8ROn02B8P7NHrs-dPhik7jY566i2zGjG1vZtfw8NLgUyNSO3UFPnw_vMVoqb2wASGgsaLuwOgBi6AB7msocUCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPKdAdIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEwOyFxoKGAgAEhRwdWItNTM5NTA1OTA5NjQ1ODk2NQ&sigh=k9XgQaln9FY&vt=1&template_id=5000

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=600&slotname=3832140286&adk=234751482&adf=1468885513&pi=t.ma~as.3832140286&w=253&fwrn=4&fwrnh=100&lmt=1619887977&rafmt=1&psa=0&format=253x600&url=https%3A%2F%2Fwww.guest-articles.com%2Fsports%2Fbehind-ngolo-kantes-smile-01-05-2021&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619887977074&bpp=1&bdt=163&idt=75&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200&correlator=6103576995356&frm=20&pv=1&ga_vid=1378782914.1619887977&ga_sid=1619887977&ga_hid=881080338&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066430&oid=3&pvsid=415677829569616&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9rGWWuQ9Sm&p=https%3A//www.guest-articles.com&dtd=78
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 01 May 2021 16:52:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 476C 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssk82-T6eiTIq7LY3z4FWLIK984Pkk99w2_B3W02bsu-km4WZ7Djd8AUD5ikkEX8cg7JzPyP0UONlmB8BQjMcyWUUF2ZYNF6-OKGjCCZ04CDoO5zhxIDyjqQQXD7g&sai=AMfl-YRRWoGBo6ZhN8vJYQp5IUFPEkM8kcsKj2iwLlJpsu1Sy6ouW689FHwpRCIxDmfHDXBMIejM6XoQ9_5Q&sig=Cg0ArKJSzBk0F8jPJXUGEAE&id=lidar2&mcvt=1002&p=385,1101,985,1354&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210430&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=234751482&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619887977153&dlt=702&rpt=67&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:52:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-heq3r4gfmodja-fuotccsikejayfvg-784562-i1-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame 6AF2 35 B
410 B 48ms
14ms Image
image/gif 2a00:1450:4001:82a::2012
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-heq3r4gfmodja-fuotccsikejayfvg-784562-i1-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2012 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:53:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-heq3r4gfmodja-fuotccsikejayfvg-784562-i2-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame 6AF2 35 B
410 B 167ms
50ms Image
image/gif 142.250.186.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-heq3r4gfmodja-fuotccsikejayfvg-784562-i2-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f18.1e100.net

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 16:53:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.guest-articles.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: eb48abe58779a6a5c413e8fb21fc65dc
			.guest-articles.com/	1970-01-19 18:41:19	Name: __cfduid Value: d951e2016a763d3d9a3dc8a2212f7b4451619887976

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
d.agkn.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
img.guest-articles.com
p4-heq3r4gfmodja-fuotccsikejayfvg-784562-i1-v6exp3.ds.metric.gstatic.com
p4-heq3r4gfmodja-fuotccsikejayfvg-784562-i2-v6exp3.v4.metric.gstatic.com
p4-heq3r4gfmodja-fuotccsikejayfvg-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
secureir.ebaystatic.com
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.dreampirates.in
www.ebayadservices.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.guest-articles.com
142.250.185.226
142.250.186.131
142.250.186.178
142.250.186.34
18.194.113.221
184.30.24.241
184.30.25.27
185.64.190.78
2001:4de0:ac18::1:a:3a
209.140.148.26
2606:4700:3033::ac43:bbe6
2606:4700:3035::ac43:8e67
2606:4700::6810:a723
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2004
2a00:1450:4001:812::2004
2a00:1450:4001:812::2008
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2012
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
35.186.253.211
35.244.174.68
69.173.144.138
79.137.69.120
99.80.199.35
02aa7720a28f292170a06052b80a192437ed79746b7697daab5bc59d2b8f42bc
09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d13d6e2452182ed1cc3b7763f4b02579a71462f48ae18f963f4d1471462effe
0e4c293ff6f0c5b0fc8b74a8ba4b04be62bd1f977a6486ae1487a248ea23f71b
15ea07ec1d48b48a32d09d0e16ba78c3ccd455506de302473f681d0d2dedaf91
173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
271b52536dd08a5712dc7ab577de4f9f2fd8641bd5538177ee783e3579f79f6a
2780027c5d6e248dacc3b2b78e52f91f2ebbe919c329aa80035ae5430e0573a1
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
39e8d28a2e8baf41eab5e672b847a33681531a0f8b0889292936fe95e1e81b69
437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
44c70ec368535ddfefde8c5c6e2c4f1017f53d652a374f95b91da5b1bc410a04
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4c185f0767fb4e2b518664caf04b85067d40c497d0bd8376f3cc5babc1a56fd7
54b14d96cebf1df7986d63b77b853ba6aff246a5a70f686b3080b86df5b153bb
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5ae339c425ccf8fafc701d82e11ebd06d3354f8661eb4e26e0c0ab7f6d086dd7
5efb0fac9c1b8228cefdcb4ac500cabd7d95507bb50e4acfe16e510303561db7
60f1d101e539c87c8b7394b39152fc4fb0b90c6491889830bb0a8c0136bdae61
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7d832a6d9c0aaf3dabad65dc20c637d4b2c025500f987e3eb21dbdf367df1e26
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
870262eae24ba5935609592a8ee206eed118631d869f05f22c579dd68f89046e
96b147c0ef6704b3aaee772034d60f1a311bac6eed3060393aa37c7aaf355068
982fa18d3f3f2c0e473a172c5cc0a327b9f57fc98f78c56a5b0b4ec9a132cd8b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a765a284649afbb909b6d12da5a089ae26f59cbeb6f7a247f0cf6ac5c896bba2
a900be1d59c6dbaf1e5f0caece75c5b1478693af60d2ea909a8af71f017192fc
aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331
bec548677c704432d13e6e69c14a1ede1ff1c1d668caf767ae88cf10b77694a5
bf3913065b4e4c05bbfe5b261b6227f79b5ae3b9ece80c90da9527e1b7920ac2
c1e5f924a3149a5a588368ce260b838e4dfe95f566b5c2e3a0759655a4b61673
c3dccfbd7d78afaf89e529d9d8011c10f504a2f5132482679ea3f49ae81a96a4
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cb40a1d4b9c6d445d0837e4365195a058d3839f047371aa0154e6b5b4682fb78
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e614c4dc1ba3cbe234abba5d09eeff2c6aae613623b9ebf77768075d2666294c
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e89cc5c0e0e4a0368f0578542ac3dddb9a3a7a26caa05c950fdc14e664799fdb
e9d2aab9984a7518beab5f3913f373275d6f870b1f64503c346615afb4221ca1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5ce6a7326d7b0c7b430da894fff16486f5f3dc7494549bc598fe2f6c572cec
f02dc4a0fb470b98e7f7742a93f1ed363b8184c89ce695a97c63ad75a45bf35d
f04e6c626988087b53c8786469394421d0da1356004b60ecee3a4e9391c98c58
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.guest-articles.com Open in urlscan Pro 2606:4700:3035::ac43:8e67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

109 Requests

100 %HTTPS

61 %IPv6

25 Domains

35 Subdomains

27 IPs

6 Countries

2766 kBTransfer

4273 kBSize

2 Cookies

6 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.guest-articles.com Open in urlscan Pro
2606:4700:3035::ac43:8e67 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

100 %
HTTPS

61 %
IPv6

25
Domains

35
Subdomains

27
IPs

6
Countries

2766 kB
Transfer

4273 kB
Size

2
Cookies

109 HTTP transactions
6 data transactions