www.guest-articles.com Open in urlscan Pro
2606:4700:3034::6815:3f11 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.guest-articles.com/news/7-unusual-formations-which-ever-used-in-football-18-04-2021
Submission Tags: falconsandbox
Submission: On May 01 via api (May 1st 2021, 3:04:50 pm UTC) from US

Summary HTTP 126 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 23 domains to perform 126 HTTP transactions. The main IP is 2606:4700:3034::6815:3f11, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.guest-articles.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 30th 2020. Valid for: a year.

This is the only time www.guest-articles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3034::6815:3f11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
15	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2 32	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
2 2	34.246.227.69 34.246.227.69	16509 (AMAZON-02) (AMAZON-02)
15	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3 3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	217.182.200.19 217.182.200.19	16276 (OVH) (OVH)
1 1	216.113.181.212 216.113.181.212	11643 (EBAY) (EBAY)
1	184.30.25.27 184.30.25.27	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.41.112.73 52.41.112.73	16509 (AMAZON-02) (AMAZON-02)
126	29

6 2606:4700:3034::6815:3f11 (United States)

ASN13335 (CLOUDFLARENET, US)

www.guest-articles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.guest-articles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.227.69 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.115 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.182.200.19 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: gcm5.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.113.181.212 (United States) 1 redirects

ASN11643 (EBAY, US)
PTR: rover-web-public-1-3-lvsaz03.ebay.com

www.ebayadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.25.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-27.deploy.static.akamaitechnologies.com

secureir.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.41.112.73 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-112-73.us-west-2.compute.amazonaws.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com 2 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	725 KB
31	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	143 KB
17	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	406 KB
6	googletagservices.com www.googletagservices.com	203 KB
6	guest-articles.com www.guest-articles.com img.guest-articles.com	49 KB
5	google.com 2 redirects adservice.google.com www.google.com	353 B
4	googleapis.com fonts.googleapis.com	2 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com	3 KB
3	pubmatic.com 3 redirects image6.pubmatic.com	2 KB
3	openx.net 3 redirects rtb.openx.net	817 B
3	google-analytics.com www.google-analytics.com	19 KB
2	addthis.com 2 redirects e.dlx.addthis.com	2 KB
2	gemius.pl 2 redirects googlecm.hit.gemius.pl	419 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	913 B
2	everesttech.net 2 redirects pixel.everesttech.net	752 B
2	google.de adservice.google.de	287 B
2	googletagmanager.com www.googletagmanager.com	81 KB
1	ebaystatic.com secureir.ebaystatic.com	485 B
1	ebayadservices.com 1 redirects www.ebayadservices.com	533 B
1	quantserve.com cms.quantserve.com	463 B
1	googleadservices.com partner.googleadservices.com	263 B
1	jquery.com code.jquery.com	30 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
126	23

	Domain	Requested by
33	tpc.googlesyndication.com	2 redirects pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.guest-articles.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.guest-articles.com
16	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
15	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
6	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.guest-articles.com	www.guest-articles.com ajax.cloudflare.com
3	ssum-sec.casalemedia.com	3 redirects
3	image6.pubmatic.com	3 redirects
3	rtb.openx.net	3 redirects
3	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
3	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	e.dlx.addthis.com	2 redirects
2	googlecm.hit.gemius.pl	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	pixel.everesttech.net	2 redirects
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	img.guest-articles.com	www.guest-articles.com
2	www.googletagmanager.com	ajax.cloudflare.com www.googletagmanager.com
1	secureir.ebaystatic.com
1	www.ebayadservices.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	code.jquery.com	ajax.cloudflare.com
1	ajax.cloudflare.com	www.guest-articles.com
126	31

This site contains links to these domains. Also see Links.

Domain
yelhakim.instructure.com
www.dreampirates.in

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-30` - `2021-10-29`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
www.ebay.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-22` - `2022-04-27`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.guest-articles.com/news/7-unusual-formations-which-ever-used-in-football-18-04-2021
Frame ID: CB4FA308E6A5AC797317B5579E66523C
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html
Frame ID: ECF543299599FEB57BA156F12B15F69D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&slotname=2708305463&adk=3098185010&adf=4134371643&pi=t.ma~as.2708305463&w=1110&fwrn=4&fwrnh=100&lmt=1619881473&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473794&bpp=5&bdt=155&idt=69&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4494271932462&frm=20&pv=2&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ph7qc9CtcJ&p=https%3A//www.guest-articles.com&dtd=88
Frame ID: 78C5215980A0EE10A837540348555D18
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=200&slotname=1334335573&adk=2515041999&adf=3622349434&pi=t.ma~as.1334335573&w=823&fwrn=4&lmt=1619881473&rafmt=11&psa=0&format=823x200&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473799&bpp=1&bdt=160&idt=92&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=246&ady=916&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fcvl83uV47&p=https%3A//www.guest-articles.com&dtd=96
Frame ID: 636D26378687CDB1169B0EFBF197A456
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=600&slotname=3832140286&adk=234751482&adf=1468885513&pi=t.ma~as.3832140286&w=253&fwrn=4&fwrnh=100&lmt=1619881473&rafmt=1&psa=0&format=253x600&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473800&bpp=1&bdt=160&idt=101&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x5c0IkXelY&p=https%3A//www.guest-articles.com&dtd=104
Frame ID: 78E1EEE85F6F41AD289D046C817F1C5B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&adk=1812271804&adf=3025194257&lmt=1619881473&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473815&bpp=1&bdt=175&idt=113&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200%2C253x600&nras=1&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&dtd=119
Frame ID: 3FF02965B55B4E875F2A0E7CF85F11D2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 032685ED7A6F0850A3945FF0F545C313
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=4045866511&pi=t.aa~a.416591285~i.12~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=462&idt=-M&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0&nras=2&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=2ZQZMAgD5q&p=https%3A//www.guest-articles.com&dtd=22
Frame ID: 92D462558D1AFC1AD8B0323487EFDB58
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27
Frame ID: CEAAEAE939497E2DCEBBBF7097E9EC34
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 563E0BFFC3CE0A503540A66BE4AE6445
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js
Frame ID: 25B361973AB41EBF676C63CC5A1D97C1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html
Frame ID: DC14B899B88D0E8338FF860ECC76E51C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CKA4GAW6NYM3dOJS0b4mljPABur-oqmL2l-P66AzZ2R4QASCEr9EjYJUCoAG1kMTAA8gBCagDAcgDSKoEiwJP0P2wJJaNelAWH9E_qsQ4RHprbMggSPfOTq40qIBnxq2rRnfZhTGDzB16g1K1CQfdBAl-WH2MOgeyikryqo_1tYu26s-cBaKbSpF4yo4-AUyZIWqkLPzapay2trzDkfzR9jbZhgZUxEvP3L1PGyvq9rQuNoP5Nv-DCEFdso8Jts6chDJSkH2rYlSFcwSdvY-m8ghBMjAf0OqW3BI1aKv3sGKRSXIuC9Ddu7MfGXypO6qK6vg2F7QU2U_lUE-Y275klVXI5XQQ3MsjiugqgydaufwPbsLOFeGQzy8md34v3FkhntPIE9-8fH4gQ-p-Rkblw1OkM7TNp50WnNpqngVJajIO4HJhES4AIUPABOSgt4K3A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAez77s_qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEM7hAdIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi01Mzk1MDU5MDk2NDU4OTY1&sigh=TDCmiFmznjQ&template_id=419
Frame ID: 11233D6B7633A7D2B2E43E3DC5E0992B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C4EFB6EFF0FC029C0EBC3463FDF82967
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9444F5CD5A11DEAA2FF86E4BF45CFFA9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js
Frame ID: D5ECD4E11A671ACD79E1C87E9EBCBBF7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js
Frame ID: 7F7F6D9F719487F751792753FE35F139
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C72AB8ACA43203926E7ED7D16EE3E5FD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js
Frame ID: 2962E6E8177A9CBDF81A0DACA1758A78
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

126
Requests

100 %
HTTPS

68 %
IPv6

23
Domains

31
Subdomains

29
IPs

6
Countries

1664 kB
Transfer

3466 kB
Size

2
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://yelhakim.instructure.com/eportfolios/12651/365_Days__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica/365_Days__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica
Title: https://yelhakim.instructure.com/eportfolios/12651/365_Days__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica/365_Days__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica

Search URL Search Domain Scan URL

URL: https://yelhakim.instructure.com/eportfolios/12699/S_druge_strane_ograde__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica/S_druge_strane_ograde__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica
Title: https://yelhakim.instructure.com/eportfolios/12699/S_druge_strane_ograde__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica/S_druge_strane_ograde__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica

Search URL Search Domain Scan URL

URL: https://yelhakim.instructure.com/eportfolios/12735/Mile_22__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica/Mile_22__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica
Title: https://yelhakim.instructure.com/eportfolios/12735/Mile_22__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica/Mile_22__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica

Search URL Search Domain Scan URL

URL: https://yelhakim.instructure.com/eportfolios/12760/The_Trial_of_the_Chicago_7__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica/The_Trial_of_the_Chicago_7__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica
Title: https://yelhakim.instructure.com/eportfolios/12760/The_Trial_of_the_Chicago_7__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica/The_Trial_of_the_Chicago_7__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica

Search URL Search Domain Scan URL

URL: https://yelhakim.instructure.com/eportfolios/12792/Fifty_Shades_Freed__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica/Fifty_Shades_Freed__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica
Title: https://yelhakim.instructure.com/eportfolios/12792/Fifty_Shades_Freed__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica/Fifty_Shades_Freed__cijeli_film_s_Prijevodom_na_Hrvatski_2021_Online_Sa_Prevodom__Gledalica

Search URL Search Domain Scan URL

URL: https://www.dreampirates.in/
Title: DreamPirates

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 68

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDn-cKLwAEQ9AMY9AMyCMDxQEMwArpD HTTP 301
https://tpc.googlesyndication.com/simgad/8465805657729328989

Request Chain 84

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 90

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUKtgk5qyCQDWdT0wj7kcWtagQ2Q7yUDwqwG6jcfGAU5rE29Q_8gizby1Da5UignKSrAy9HLB1MqsjXF3vPY2gG68prioVBI&google_gid=CAESEBSdjo4cMCzYI_zd0htJc1o&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUkxdUFnQUFCUkRULVhOaA&google_push=AQvitUKtgk5qyCQDWdT0wj7kcWtagQ2Q7yUDwqwG6jcfGAU5rE29Q_8gizby1Da5UignKSrAy9HLB1MqsjXF3vPY2gG68prioVBI

Request Chain 91

https://rtb.openx.net/sync/dds?google_gid=CAESEMNELlPlrACNrhHNL9fOZzg&google_cver=1&google_push=AQvitUJD1cOQGDEZFN13TGJeK2Er5Yl9eNW-0Ayie2MxYTHxIgpH8upB_vGZE53noD8Z-80jgkvBXEjHXz4B_q-J5Pmk75Epguk1 HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEMNELlPlrACNrhHNL9fOZzg&google_cver=1&google_push=AQvitUJD1cOQGDEZFN13TGJeK2Er5Yl9eNW-0Ayie2MxYTHxIgpH8upB_vGZE53noD8Z-80jgkvBXEjHXz4B_q-J5Pmk75Epguk1&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJD1cOQGDEZFN13TGJeK2Er5Yl9eNW-0Ayie2MxYTHxIgpH8upB_vGZE53noD8Z-80jgkvBXEjHXz4B_q-J5Pmk75Epguk1&google_hm=IizdIVrrxNksFxL4_TvIrw==

Request Chain 92

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELh_tFatu0IwYVA-WqcZdoA&google_cver=1&google_push=AQvitULeWJbCfnR4pNigt0tVXrwHasI4meNYEC_q3reCZuS9nkdwvQs6QDS7iaqgqwPTex-YqXYoXItfEZpCeWqnRjodBS88jMQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELh_tFatu0IwYVA-WqcZdoA&google_cver=1&google_push=AQvitULeWJbCfnR4pNigt0tVXrwHasI4meNYEC_q3reCZuS9nkdwvQs6QDS7iaqgqwPTex-YqXYoXItfEZpCeWqnRjodBS88jMQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6c7E7UKfQYWG-ZJY76w41A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULeWJbCfnR4pNigt0tVXrwHasI4meNYEC_q3reCZuS9nkdwvQs6QDS7iaqgqwPTex-YqXYoXItfEZpCeWqnRjodBS88jMQ

Request Chain 93

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEo6VaJocze3Sw1F7CnoZag&google_cver=1&google_push=AQvitUL64VY7OneSIyQ9nryKVsoHXSwmP-_stH8fomMh3WMEsAXZG9GoJ8E523mTvwmQ2RwnkQvxXighMZBrr-G2KS8AbDhgu7M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081VkxURFQtMS0xS0JG&google_push=AQvitUL64VY7OneSIyQ9nryKVsoHXSwmP-_stH8fomMh3WMEsAXZG9GoJ8E523mTvwmQ2RwnkQvxXighMZBrr-G2KS8AbDhgu7M

Request Chain 94

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKaSFE3HdOEnwjaOEnrELrc&google_cver=1&google_push=AQvitUItgMu42cl44LHvzwQFvc95xCe4j6WAQP3K8aWCg-6a04jpDdtM31QWykogfZN4HVLWJ1UO92JaXXKYXqswbaBvS_gxIMiu HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKaSFE3HdOEnwjaOEnrELrc&google_cver=1&google_push=AQvitUItgMu42cl44LHvzwQFvc95xCe4j6WAQP3K8aWCg-6a04jpDdtM31QWykogfZN4HVLWJ1UO92JaXXKYXqswbaBvS_gxIMiu&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI1uAnHyXXddKRVygQ39JQAABFsAAAIB&google_cver=1&google_gid=CAESEKaSFE3HdOEnwjaOEnrELrc&google_push=AQvitUItgMu42cl44LHvzwQFvc95xCe4j6WAQP3K8aWCg-6a04jpDdtM31QWykogfZN4HVLWJ1UO92JaXXKYXqswbaBvS_gxIMiu

Request Chain 95

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHGdjTdlu_PdczaL81tPfeM&google_cver=1&google_push=AQvitUIuPfk597DJrGejuhTcm7GzedIMLPv3d-JAqmZmNS0dn2anxxSseSpm5hxHbAEJMHpaKUVmp9W1J0nQ69uhiT3UKqDWrHyH8A HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIuPfk597DJrGejuhTcm7GzedIMLPv3d-JAqmZmNS0dn2anxxSseSpm5hxHbAEJMHpaKUVmp9W1J0nQ69uhiT3UKqDWrHyH8A&google_hm=

Request Chain 112

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDPuoCdLhCwCRisAjIIDwAhueo-8IU HTTP 301
https://tpc.googlesyndication.com/simgad/6037977029595278777

Request Chain 114

https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-157687-884638-9&mkcid=4&mkevt=2&mpt=1746106824&ff18=mWeb&siteid=77&adtype=0&size=1x1&ipn=admain2&placement=529704 HTTP 301
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

Request Chain 119

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUKHqM7S9V88Q3jKV1MkFCMPbSejyaIQjhpDHlin6qmsSTrqc_hvxXXMw5VHOjTFqXaDkI_RsOwHA3886zz-7M7VpT9KeW8i&google_gid=CAESELkh6d9GBdy-uiOISjSy3iU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUkxdUF3QUFCZkQ5VHdYeQ&google_push=AQvitUKHqM7S9V88Q3jKV1MkFCMPbSejyaIQjhpDHlin6qmsSTrqc_hvxXXMw5VHOjTFqXaDkI_RsOwHA3886zz-7M7VpT9KeW8i

Request Chain 120

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJPvYHIl0bmk_VsoDYohVVe8Ffn4vs6A6OWJoyUFQNDANCLmEUuQnKkW_xcBU2JFwcCYi4OymY9fZuuFyrsKX_RjXtcvIQ&google_gid=CAESELlTg11ASor4O3aN3HB6ARE&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJPvYHIl0bmk_VsoDYohVVe8Ffn4vs6A6OWJoyUFQNDANCLmEUuQnKkW_xcBU2JFwcCYi4OymY9fZuuFyrsKX_RjXtcvIQ&google_gid=CAESELlTg11ASor4O3aN3HB6ARE&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MDExNTA0MzUzOTA0MTc4MDMyMDc1Mg%3D%3D&google_push=AQvitUJPvYHIl0bmk_VsoDYohVVe8Ffn4vs6A6OWJoyUFQNDANCLmEUuQnKkW_xcBU2JFwcCYi4OymY9fZuuFyrsKX_RjXtcvIQ

Request Chain 121

https://rtb.openx.net/sync/dds?google_gid=CAESEE41fgxvngLj2lilrMF5K-4&google_cver=1&google_push=AQvitUI81aHW2SmvubvGDs5Z6jl4VSqAJNwxZwZc0c3updmz6QFuxarMULs1kQc0ONTzU6cOt8tvwDURsB1YObk-rVGbU-j5NoD8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI81aHW2SmvubvGDs5Z6jl4VSqAJNwxZwZc0c3updmz6QFuxarMULs1kQc0ONTzU6cOt8tvwDURsB1YObk-rVGbU-j5NoD8&google_hm=IizdIVrrxNksFxL4_TvIrw==

Request Chain 122

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF73oUKghSTdClO6svQOz9Q&google_cver=1&google_push=AQvitULgf7N_LlMDHTqbHryLoItmAeh20ym_8L_2TT6sg4rOdhIPnGi1lRyTs6txw_fY-gUbj3EqJODFQ2qXIq7gCGobDWfhO-4e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6c7E7UKfQYWG-ZJY76w41A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULgf7N_LlMDHTqbHryLoItmAeh20ym_8L_2TT6sg4rOdhIPnGi1lRyTs6txw_fY-gUbj3EqJODFQ2qXIq7gCGobDWfhO-4e

Request Chain 123

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAqBsV7iQxjLyG2-v-nLA5o&google_cver=1&google_push=AQvitUJ2GX9SJRIREmPbXF-iRot5ZKWUC6pxNe2IXfqqixsNi7s8dLdR9E_9HM3nS3hqksjC-AG_x6qtT6wvoKF4c_UOQqilIPCr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081VkxUTUstUy1HVVNZ&google_push=AQvitUJ2GX9SJRIREmPbXF-iRot5ZKWUC6pxNe2IXfqqixsNi7s8dLdR9E_9HM3nS3hqksjC-AG_x6qtT6wvoKF4c_UOQqilIPCr

Request Chain 124

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIYz2B4D5_US4eftckHtHuU&google_cver=1&google_push=AQvitULFaVZk5z9rLMcoScz_AbTADQ8fAmo2rDxFwwgEcf6wGq_UlTsLDSJHZWwjwD2AZkoQtKMNv5v0wW4HQOQ34PU7mypW1Ho HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI1uAnHyXXddKRVygQ39JQAABFsAAAIB&google_push=AQvitULFaVZk5z9rLMcoScz_AbTADQ8fAmo2rDxFwwgEcf6wGq_UlTsLDSJHZWwjwD2AZkoQtKMNv5v0wW4HQOQ34PU7mypW1Ho&google_gid=CAESEIYz2B4D5_US4eftckHtHuU&google_cver=1

Request Chain 125

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJxDuDj7kd4ym42GCOYvUEU&google_cver=1&google_push=AQvitUKM1UXN8TO3MC0-hg5NG7tc9s0Q7zB-2Ra8lkHxmanftJgZQXOcAXxtELqx9qqgu3OapUqJbmdxYzqFDp9gA3ght77LBZn8 HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKM1UXN8TO3MC0-hg5NG7tc9s0Q7zB-2Ra8lkHxmanftJgZQXOcAXxtELqx9qqgu3OapUqJbmdxYzqFDp9gA3ght77LBZn8&google_hm=

126 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 7-unusual-formations-which-ever-used-in-football-18-04-2021 Show response
www.guest-articles.com/news/ 28 KB
8 KB 230ms
230ms Document
text/html 2606:4700:3034::6815:3f11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guest-articles.com/news/7-unusual-formations-which-ever-used-in-football-18-04-2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.11
Resource Hash: 86d15dea013c4d1f2c837861a9b9249b0a4d3e603507c4b0615a0d9a00c6965c

Request headers

:method: GET
:authority: www.guest-articles.com
:scheme: https
:path: /news/7-unusual-formations-which-ever-used-in-football-18-04-2021
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:33 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d4dca4736bfbdee0df01ff8e0c37eeb6d1619881473; expires=Mon, 31-May-21 15:04:33 GMT; path=/; domain=.guest-articles.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=fc389f5b9c37df22724bbcb8cc0d50bf; path=/; secure
x-powered-by: PHP/7.4.11
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 09ca0ecd86000097fc403f4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZRgQ5eTA0HSeW04fh3qFPnNiRhSORAHds7IRwQpKqqAX7ssOEK0jDscPbtfSBF%2B8a%2Bp4m5%2Fs%2Fx39l9RNVID8VbriQqtqRgD0wYqwNALsmEC1%2B8ZxrmmWqktBKzFEGgMRrQiu"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6489e728cac897fc-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 bootstrap.min.css
www.guest-articles.com/admin/css/ 156 KB
21 KB 22ms
21ms Stylesheet
text/css 2606:4700:3034::6815:3f11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guest-articles.com/admin/css/bootstrap.min.css
Requested by: Host: www.guest-articles.com
URL: https://www.guest-articles.com/news/7-unusual-formations-which-ever-used-in-football-18-04-2021
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:3f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

:path: /admin/css/bootstrap.min.css
pragma: no-cache
cookie: __cfduid=d4dca4736bfbdee0df01ff8e0c37eeb6d1619881473; PHPSESSID=fc389f5b9c37df22724bbcb8cc0d50bf
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.guest-articles.com
referer: https://www.guest-articles.com/news/7-unusual-formations-which-ever-used-in-football-18-04-2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guest-articles.com/news/7-unusual-formations-which-ever-used-in-football-18-04-2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 726614
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ca0ece6b00004de8343e3000000001
last-modified: Wed, 22 Apr 2020 15:09:45 GMT
server: cloudflare
etag: W/"26f1b-5ea05e39-9654748b9919a61a;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hZAotlf35Zxnkw8yPIa%2Bl9HKSbSLXH69GayS7XyuToU23FLkXkz9WJRYfpUgCzUU1Ip2c0phQ1H70bkWK8Px5WMcUWjZ%2B5WC776H1ZsX02CHJNJhefOMWozMtLNQRVzH1uQO"}]}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 6489e72a4bff4de8-FRA
expires: Sun, 23 May 2021 05:14:19 GMT

GET
H3-29 200 logo2.png
www.guest-articles.com/ 4 KB
5 KB 22ms
22ms Image
image/png 2606:4700:3034::6815:3f11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guest-articles.com/logo2.png
Requested by: Host: www.guest-articles.com
URL: https://www.guest-articles.com/news/7-unusual-formations-which-ever-used-in-football-18-04-2021
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:3f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5efb0fac9c1b8228cefdcb4ac500cabd7d95507bb50e4acfe16e510303561db7

Request headers

:path: /logo2.png
pragma: no-cache
cookie: __cfduid=d4dca4736bfbdee0df01ff8e0c37eeb6d1619881473; PHPSESSID=fc389f5b9c37df22724bbcb8cc0d50bf
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.guest-articles.com
referer: https://www.guest-articles.com/news/7-unusual-formations-which-ever-used-in-football-18-04-2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guest-articles.com/news/7-unusual-formations-which-ever-used-in-football-18-04-2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 726614
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4363
cf-request-id: 09ca0ece6c00004de838870000000001
last-modified: Thu, 26 Dec 2019 10:06:17 GMT
server: cloudflare
etag: "110b-5e048619-7fa20e768bf2fb9c;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cRCAY1SqVYmp7miH56MEaRwgP2DheiWx0uVlfpKb4CCOvUSZJr%2Fv%2Fn9k1i1CHdf5U67TL8NBKYTjOXq9QuBhe0cr0s52XR6GszWynS2D2tnNQB1hMQPml%2F5LxePd3C616v%2Fp"}]}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6489e72a4c004de8-FRA
expires: Sat, 23 Apr 2022 05:14:19 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 9ms
9ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.guest-articles.com
URL: https://www.guest-articles.com/news/7-unusual-formations-which-ever-used-in-football-18-04-2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
cf-request-id: 09ca0ece6c00002c3207969000000001
last-modified: Fri, 30 Apr 2021 09:06:15 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"608bc887-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xQy9Udfjg6Jk7ZCnFLxh9YU7f%2BAGw1ow4yfc%2BMGcvqXPmIvcTqBW8Ht4YXTdob%2FgxBcqjN4DmN8yXekly2z6mCAxdv7XoJBobu6C4islrG79Onl8scJfqFEkL1jH6zFY"}]}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6489e72a4b1c2c32-FRA
expires: Mon, 03 May 2021 15:04:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-66414585-12

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee6ac0af710ec6172becfb95c4f412e860ae3b49729da1ffe35b3ab77fe13172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36771
x-xss-protection: 0
expires: Sat, 01 May 2021 15:04:33 GMT

GET
H3-29 200 bootstrap.min.js Show response
www.guest-articles.com/admin/js/ 59 KB
15 KB 17ms
17ms Script
application/x-javascript 2606:4700:3034::6815:3f11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guest-articles.com/admin/js/bootstrap.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:3f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Request headers

:path: /admin/js/bootstrap.min.js
pragma: no-cache
cookie: __cfduid=d4dca4736bfbdee0df01ff8e0c37eeb6d1619881473; PHPSESSID=fc389f5b9c37df22724bbcb8cc0d50bf
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.guest-articles.com
referer: https://www.guest-articles.com/news/7-unusual-formations-which-ever-used-in-football-18-04-2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.guest-articles.com/news/7-unusual-formations-which-ever-used-in-football-18-04-2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 116652
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ca0ece7d00004de80c2ef000000001
last-modified: Wed, 22 Apr 2020 15:09:45 GMT
server: cloudflare
etag: W/"ea6a-5ea05e39-8519513de6195075;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9b%2BsBv9%2FINygpaPMedLQzHhttsKZdFdjWMt3O%2BPAZR1gLvUpcS2DWqZxJbUkmWlGC0PrXTK7q9tONxkPtv6fECeZK%2B536WdCjW1E5NeNe668M%2FhQhvt6FLiieLJdGNuSwT8i"}]}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6489e72a6c3a4de8-FRA
expires: Fri, 07 May 2021 06:40:21 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf3913065b4e4c05bbfe5b261b6227f79b5ae3b9ece80c90da9527e1b7920ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47851
x-xss-protection: 0
server: cafe
etag: 9950050495859225628
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 01 May 2021 15:04:33 GMT

GET
H2 404 6124images.jpg.webp
img.guest-articles.com/18-04-2021/ 0
0 38ms
37ms Image
text/html 2606:4700:3034::6815:3f11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.guest-articles.com/18-04-2021/6124images.jpg.webp
Requested by: Host: www.guest-articles.com
URL: https://www.guest-articles.com/news/7-unusual-formations-which-ever-used-in-football-18-04-2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 3764download.jpg.webp
img.guest-articles.com/27-01-2021/ 0
0 39ms
39ms Image
text/html 2606:4700:3034::6815:3f11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.guest-articles.com/27-01-2021/3764download.jpg.webp
Requested by: Host: www.guest-articles.com
URL: https://www.guest-articles.com/news/7-unusual-formations-which-ever-used-in-football-18-04-2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 8ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Origin: https://www.guest-articles.com
Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:33 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1619881473.dop206.fr8.t,1619881473.cds252.fr8.hc,1619881473.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf3913065b4e4c05bbfe5b261b6227f79b5ae3b9ece80c90da9527e1b7920ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47851
x-xss-protection: 0
server: cafe
etag: 9950050495859225628
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 01 May 2021 15:04:33 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/ 223 KB
82 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5395059096458965&plah=www.guest-articles.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84347
x-xss-protection: 0
server: cafe
etag: 8033165652557143678
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 01 May 2021 15:04:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/ Frame ECF5 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210428/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guest-articles.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guest-articles.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 01 May 2021 01:17:06 GMT
expires: Sat, 15 May 2021 01:17:06 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 49647
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
45 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3ZP9LWFNVK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-66414585-12

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c71f90aebb217fec76b2d1e6974ed8036ce4fe694709cc5ae03dfb5e9f3d711f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46080
x-xss-protection: 0
expires: Sat, 01 May 2021 15:04:33 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
263 B 54ms
54ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.guest-articles.com&callback=_gfp_s_&client=ca-pub-5395059096458965

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5395059096458965&plah=www.guest-articles.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

698a96d8eb0d9f7705ae941928b11f4ece9c31c978830be8a0ae9b7f8075774f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.guest-articles.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 15:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.guest-articles.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 15:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 78C5 74 KB
24 KB 654ms
653ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&slotname=2708305463&adk=3098185010&adf=4134371643&pi=t.ma~as.2708305463&w=1110&fwrn=4&fwrnh=100&lmt=1619881473&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473794&bpp=5&bdt=155&idt=69&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4494271932462&frm=20&pv=2&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ph7qc9CtcJ&p=https%3A//www.guest-articles.com&dtd=88

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63ce42c37fd324ab20fdbade7a15ccd2585c42929af8a17ae6432dc406ce0bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&slotname=2708305463&adk=3098185010&adf=4134371643&pi=t.ma~as.2708305463&w=1110&fwrn=4&fwrnh=100&lmt=1619881473&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473794&bpp=5&bdt=155&idt=69&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4494271932462&frm=20&pv=2&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ph7qc9CtcJ&p=https%3A//www.guest-articles.com&dtd=88
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guest-articles.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guest-articles.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 01 May 2021 15:04:34 GMT
server: cafe
content-length: 24314
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 01-May-2021 15:19:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 15:04:34 GMT
cache-control: private

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 20ms
19ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210428&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f6c1a0b6433e0c650da81a70a1e5004a57320cb13cd188db68d309ac8fe9b16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 15:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7580
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 30ms
29ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782026698183"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27954
x-xss-protection: 0
expires: Sat, 01 May 2021 15:04:33 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 636D 67 KB
25 KB 312ms
311ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=200&slotname=1334335573&adk=2515041999&adf=3622349434&pi=t.ma~as.1334335573&w=823&fwrn=4&lmt=1619881473&rafmt=11&psa=0&format=823x200&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473799&bpp=1&bdt=160&idt=92&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=246&ady=916&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fcvl83uV47&p=https%3A//www.guest-articles.com&dtd=96

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7140b73fbdfb6744652a049bab08da55daf4bbaa76bd1766e6f031c088ec72e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&h=200&slotname=1334335573&adk=2515041999&adf=3622349434&pi=t.ma~as.1334335573&w=823&fwrn=4&lmt=1619881473&rafmt=11&psa=0&format=823x200&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473799&bpp=1&bdt=160&idt=92&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=246&ady=916&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fcvl83uV47&p=https%3A//www.guest-articles.com&dtd=96
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guest-articles.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guest-articles.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 01 May 2021 15:04:34 GMT
server: cafe
content-length: 25503
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 01-May-2021 15:19:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 15:04:34 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 78E1 102 KB
32 KB 525ms
524ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=600&slotname=3832140286&adk=234751482&adf=1468885513&pi=t.ma~as.3832140286&w=253&fwrn=4&fwrnh=100&lmt=1619881473&rafmt=1&psa=0&format=253x600&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473800&bpp=1&bdt=160&idt=101&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x5c0IkXelY&p=https%3A//www.guest-articles.com&dtd=104

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

238407bbe4d126162d47be72f588fd8091dc7a4d5230aeb491ef173b9185fea1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI3i097gqPACFRTaGwodiRIDHg&gqi=AW6NYPDkN9WsbLiUvyA&layout=/sadbundle/%24csp%253Der3%24/8938190272366586647/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&h=600&slotname=3832140286&adk=234751482&adf=1468885513&pi=t.ma~as.3832140286&w=253&fwrn=4&fwrnh=100&lmt=1619881473&rafmt=1&psa=0&format=253x600&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473800&bpp=1&bdt=160&idt=101&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x5c0IkXelY&p=https%3A//www.guest-articles.com&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guest-articles.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guest-articles.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI3i097gqPACFRTaGwodiRIDHg&gqi=AW6NYPDkN9WsbLiUvyA&layout=/sadbundle/%24csp%253Der3%24/8938190272366586647/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 01 May 2021 15:04:34 GMT
server: cafe
content-length: 32929
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 01-May-2021 15:19:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 15:04:34 GMT
cache-control: private

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3ZP9LWFNVK&gtm=2oe4l3&_p=47171394&sr=1600x1200&ul=en-us&cid=1403322918.1619881474&_s=1&dl=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&dt=7%20Unusual%20Formations%20Which%20Ever%20Used%20in%20Football%20%7C%20Guest%20Articles&sid=1619881473&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3ZP9LWFNVK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guest-articles.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-66414585-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5038
date: Sat, 01 May 2021 13:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 01 May 2021 15:40:35 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 01 May 2021 15:04:33 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3FF0 16 KB
1 KB 112ms
111ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&adk=1812271804&adf=3025194257&lmt=1619881473&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473815&bpp=1&bdt=175&idt=113&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200%2C253x600&nras=1&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&dtd=119

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54b14d96cebf1df7986d63b77b853ba6aff246a5a70f686b3080b86df5b153bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&adk=1812271804&adf=3025194257&lmt=1619881473&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473815&bpp=1&bdt=175&idt=113&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200%2C253x600&nras=1&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&dtd=119
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guest-articles.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guest-articles.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 01 May 2021 15:04:34 GMT
server: cafe
content-length: 1192
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 01-May-2021 15:19:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 15:04:34 GMT
cache-control: private

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
14ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=47171394&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&ul=en-us&de=UTF-8&dt=7%20Unusual%20Formations%20Which%20Ever%20Used%20in%20Football%20%7C%20Guest%20Articles&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=826619968&gjid=997490913&cid=1403322918.1619881474&tid=UA-66414585-12&_gid=2116641388.1619881474&_r=1&gtm=2ou4l3&z=81205817

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guest-articles.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 0326 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guest-articles.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guest-articles.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 01 May 2021 14:32:57 GMT
expires: Sun, 01 May 2022 14:32:57 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1897
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 0326 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

271b52536dd08a5712dc7ab577de4f9f2fd8641bd5538177ee783e3579f79f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 78689
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5669
x-xss-protection: 0
expires: Sat, 30 Apr 2022 17:13:05 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.guest-articles.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 15:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.guest-articles.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 15:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 92D4 93 KB
27 KB 352ms
352ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=4045866511&pi=t.aa~a.416591285~i.12~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=462&idt=-M&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0&nras=2&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=2ZQZMAgD5q&p=https%3A//www.guest-articles.com&dtd=22

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a155d66f15852325996296a82d80637118aeccb36197f72a59ffc977bf6f5c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=4045866511&pi=t.aa~a.416591285~i.12~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=462&idt=-M&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0&nras=2&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=2ZQZMAgD5q&p=https%3A//www.guest-articles.com&dtd=22
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guest-articles.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guest-articles.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 01 May 2021 15:04:34 GMT
server: cafe
content-length: 27531
x-xss-protection: 0
set-cookie: IDE=AHWqTUlWxsK7cyIdiMC_pKpFlPs89QZWDyAgP_1xxMMjkegmglkMc2e9Sv7jR2gqZEc; expires=Thu, 26-May-2022 15:04:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 15:04:34 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CEAA 84 KB
26 KB 546ms
545ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d159ca2d209e1c33cfe3a33748c52a09b652101fe7182ac8cda67bd9487b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guest-articles.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guest-articles.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 01 May 2021 15:04:34 GMT
server: cafe
content-length: 27026
x-xss-protection: 0
set-cookie: IDE=AHWqTUnFUcBd3oZ7uhZmTOkHLbVQI31Nqg4SwNYlONIHtzfgqurv4FTxeSxhumR9RQY; expires=Thu, 26-May-2022 15:04:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 15:04:34 GMT
cache-control: private

GET
H3-29 200 13941226069182231622
tpc.googlesyndication.com/daca_images/simgad/ Frame 636D 121 KB
121 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13941226069182231622

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=200&slotname=1334335573&adk=2515041999&adf=3622349434&pi=t.ma~as.1334335573&w=823&fwrn=4&lmt=1619881473&rafmt=11&psa=0&format=823x200&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473799&bpp=1&bdt=160&idt=92&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=246&ady=916&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fcvl83uV47&p=https%3A//www.guest-articles.com&dtd=96

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90e1964b366729d0346b2daf96f9932b80ba38e6f0fc65e05341743f17c556cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 07:21:38 GMT
x-content-type-options: nosniff
age: 286976
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123993
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 05:56:45 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Apr 2022 07:21:38 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 636D 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:01:18 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 636D 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:02:15 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 636D 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 15:04:34 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 636D 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:03:49 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 636D 25 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02aa7720a28f292170a06052b80a192437ed79746b7697daab5bc59d2b8f42bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 12:02:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10952
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10468
x-xss-protection: 0
server: cafe
etag: 16391357189745862645
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 12:02:02 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 636D 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cca1dAW6NYK_xN4esb-vugsgHuJDLx2LPtc6jxQ3BhMD8-gEQASCEr9EjYJUCoAGyhq70AsgBAqgDAcgDyQSqBIgCT9Bm8EvNXN_giJqcoP8KKcG-olLE-Z0tiE1HeFOxp2TCpudm0rbEuQrH5G_VE16fuy2EqhBE0znQjqaauo3CYAjvs3uKMu-hJdp7W_Trh2ckt-Rl5gKHaproSks1mRGqPUWPX09AdD2e4MQteXVGmHLzy08227SU3CsXEyduFqHLRGh0pt2mu-yZUJ4DSNq4Ifs3BKs8k5dU_FeWyMNWwh8j-SWD5aTMnYvbYuLUVzMRcGySSHCo0PCnQ9TUDUTBtgaPywLvorAfuPGm-i9ut3Pa7hgeo34pN3eyR2zGxszfCEI9cMZ3oi2eha29GW6WmMhhHy8tjBs9gV4CQqEimSdAA261hZH0wATOhaiJvQOSBQQIBBgBkgUECAUYBKAGAoAH38nrjwGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ1-sC0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTUzOTUwNTkwOTY0NTg5NjU&sigh=HB4tHFpGtLY

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=200&slotname=1334335573&adk=2515041999&adf=3622349434&pi=t.ma~as.1334335573&w=823&fwrn=4&lmt=1619881473&rafmt=11&psa=0&format=823x200&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473799&bpp=1&bdt=160&idt=92&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=246&ady=916&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fcvl83uV47&p=https%3A//www.guest-articles.com&dtd=96
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 01 May 2021 15:04:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 01 May 2021 15:04:34 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 563E 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=200&slotname=1334335573&adk=2515041999&adf=3622349434&pi=t.ma~as.1334335573&w=823&fwrn=4&lmt=1619881473&rafmt=11&psa=0&format=823x200&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473799&bpp=1&bdt=160&idt=92&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=246&ady=916&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fcvl83uV47&p=https%3A//www.guest-articles.com&dtd=96
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=200&slotname=1334335573&adk=2515041999&adf=3622349434&pi=t.ma~as.1334335573&w=823&fwrn=4&lmt=1619881473&rafmt=11&psa=0&format=823x200&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473799&bpp=1&bdt=160&idt=92&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=246&ady=916&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fcvl83uV47&p=https%3A//www.guest-articles.com&dtd=96

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 01 May 2021 14:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2115
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 636D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4da5a79385eb0e03cc721d86a3c549a37e4ec79918b372fbfd6f05a7ed7a7dbf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210428&jk=3796987529751018&bg=!z8ylzIjNAAZLnZBaS507ACkAdvg8WqaXamnHyWEjf0hciUUOHOpxFxqnR82cUS0QYbqV3fiBBretmwIAAADBUgAAABdoAQcKAPnMJH0dEPv-mqCWsilKIcsxfeLIXMBTo8M5HsG3m2WmbyBcKLl1ZDmg-0Z7KbWPnlzejziW1zitJwdchRfCcKWkxTCNwzR25vHs6De4aZBnsOrwtOQml8HK4z6klxoZwxlF2bW2o416eDy5sDzgaxmR-jTQcgNI_fzXS2ZtDfJcBw26d0UjeE--1lIDH4jmwYDkAd8f5JisE8AltSRVA6lZJnLn-m16upRXPnuCgsSHCJ_2Y3Xgl3_dOFxnhW4a8UsxanSbHEkq3r2pre9eeeOHWX9RARfjkeYCNEmSb3WrmBasvstzazG4ULK6V3yQlGExYuuvVNpd6NWZAkr7XeCGJqEjidpm3xc66jQNd9LgC9wrn9xOBPS0DLS4eX8ULcvETKAVZRSmcR8eYBsVJv-moNFP3t-dvRU2MsKC_FnWcETz-bzqHXIqZeKAo5SwlFnDSoiln4_bJmkDpbeew1GFcSjTh8TayYAjloJ4MxCIRL5C8C6iZ8-EB9Cu-SaClITzvEvijmi1btVSP7xR0_dmavqsLWFvFjN_PY-AL7CajvJO1mVrDG_JaYiNrazcpAyHL7AIhkDWIvxrkNJdid7P6KSWfNQoeo50Ai1nBDNLqkqZBkc-JEj_u3i48FyzcM1WFn6M1nXVdqiySZGMeUJf9XVrfsbiKB1y9JDvtb7LHDzPOCRszOwMxY7h_zQBbeIwUM3_-wjiagQ_ruHpnECJ4gH8OkJK3cHAkGwsSehXHVWQurGEERSWj8Vj_l5pH2njxQTMQXtnrLUStmLL4ZfRqz9VBPidC06x1DDa9hlBxJ1an921zZ84S_2Q2tg9O6wRy97Cs8ghSKj27a-BrtkwtbuHNZGhqZwzKVPZ7O-lKJdPBDadP840mR3Gw4OMQ140r7PH-pxJyc1lZj9nCHqr27XQ1zrFI5dDM2cKUCH9oEk9sXG-V8vs-CJd68GcTgeg3PP7RXp25OH53OlwRzuaVzqT7oBcsTL3nh-xBO0YeIWPppeP0nqTEu6OJqYmJxNPRr3c458tcsd7YYwK7WWUGcyv5qV8vc3fdRAYuKYsbuzoBk9v6mfgKJg1dSn4uZpUP1KoY8797vu1DsnA8W1s0U7uSJrB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guest-articles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 563E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmbshjJ1fqdx_M2nzHEG3CoQX3ONuC41Me8PP1jYpUuR0kU7fhaGsmvHwKo7L0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 01 May 2021 15:04:34 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 01-May-2021 16:04:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 15:04:34 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 01 May 2021 15:04:34 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 25B3 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

271b52536dd08a5712dc7ab577de4f9f2fd8641bd5538177ee783e3579f79f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 78689
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5669
x-xss-protection: 0
expires: Sat, 30 Apr 2022 17:13:05 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/ Frame DC14 18 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html

Requested by

Host: www.guest-articles.com
URL: https://www.guest-articles.com/news/7-unusual-formations-which-ever-used-in-football-18-04-2021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59f0151c21d999ed4a2a4c67011ebc89549fd5d2851221b6b29b4b5773a7f382

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/8938190272366586647/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 28 Apr 2021 06:23:26 GMT
expires: Thu, 28 Apr 2022 06:23:26 GMT
last-modified: Sat, 09 Jan 2021 11:45:02 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 3429
age: 290468
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1123 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKA4GAW6NYM3dOJS0b4mljPABur-oqmL2l-P66AzZ2R4QASCEr9EjYJUCoAG1kMTAA8gBCagDAcgDSKoEiwJP0P2wJJaNelAWH9E_qsQ4RHprbMggSPfOTq40qIBnxq2rRnfZhTGDzB16g1K1CQfdBAl-WH2MOgeyikryqo_1tYu26s-cBaKbSpF4yo4-AUyZIWqkLPzapay2trzDkfzR9jbZhgZUxEvP3L1PGyvq9rQuNoP5Nv-DCEFdso8Jts6chDJSkH2rYlSFcwSdvY-m8ghBMjAf0OqW3BI1aKv3sGKRSXIuC9Ddu7MfGXypO6qK6vg2F7QU2U_lUE-Y275klVXI5XQQ3MsjiugqgydaufwPbsLOFeGQzy8md34v3FkhntPIE9-8fH4gQ-p-Rkblw1OkM7TNp50WnNpqngVJajIO4HJhES4AIUPABOSgt4K3A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAez77s_qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEM7hAdIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi01Mzk1MDU5MDk2NDU4OTY1&sigh=TDCmiFmznjQ&template_id=419

Requested by

Host: www.guest-articles.com
URL: https://www.guest-articles.com/news/7-unusual-formations-which-ever-used-in-football-18-04-2021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=600&slotname=3832140286&adk=234751482&adf=1468885513&pi=t.ma~as.3832140286&w=253&fwrn=4&fwrnh=100&lmt=1619881473&rafmt=1&psa=0&format=253x600&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473800&bpp=1&bdt=160&idt=101&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x5c0IkXelY&p=https%3A//www.guest-articles.com&dtd=104
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 01 May 2021 15:04:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 1123 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=600&slotname=3832140286&adk=234751482&adf=1468885513&pi=t.ma~as.3832140286&w=253&fwrn=4&fwrnh=100&lmt=1619881473&rafmt=1&psa=0&format=253x600&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473800&bpp=1&bdt=160&idt=101&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x5c0IkXelY&p=https%3A//www.guest-articles.com&dtd=104

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:01:18 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 1123 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:02:15 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1123 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 15:04:34 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 1123 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:03:49 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C4EF 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=600&slotname=3832140286&adk=234751482&adf=1468885513&pi=t.ma~as.3832140286&w=253&fwrn=4&fwrnh=100&lmt=1619881473&rafmt=1&psa=0&format=253x600&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473800&bpp=1&bdt=160&idt=101&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x5c0IkXelY&p=https%3A//www.guest-articles.com&dtd=104
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUlWxsK7cyIdiMC_pKpFlPs89QZWDyAgP_1xxMMjkegmglkMc2e9Sv7jR2gqZEc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=600&slotname=3832140286&adk=234751482&adf=1468885513&pi=t.ma~as.3832140286&w=253&fwrn=4&fwrnh=100&lmt=1619881473&rafmt=1&psa=0&format=253x600&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473800&bpp=1&bdt=160&idt=101&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C823x200&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x5c0IkXelY&p=https%3A//www.guest-articles.com&dtd=104

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 01 May 2021 14:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2115
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame DC14 9 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 23:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 01 May 2021 23:34:05 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DC14 22 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 01 May 2021 23:11:01 GMT

GET
H3-29 200 2b040956e0b852f74dc3ceeb77875d75.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/ Frame DC14 70 KB
18 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/2b040956e0b852f74dc3ceeb77875d75.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

665912d0b6734bcd2c38d72e39ee9532b3502714f199191414e326a329a65fd2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 118750
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18743
x-xss-protection: 0
last-modified: Sat, 09 Jan 2021 11:45:02 GMT
server: sffe
date: Fri, 30 Apr 2021 06:05:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 06:05:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 92D4 2 KB
627 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=4045866511&pi=t.aa~a.416591285~i.12~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=462&idt=-M&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0&nras=2&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=2ZQZMAgD5q&p=https%3A//www.guest-articles.com&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 01 May 2021 14:13:59 GMT
server: ESF
date: Sat, 01 May 2021 15:04:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 May 2021 15:04:34 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 92D4 1 KB
919 B 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:03:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:03:28 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 92D4 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:01:18 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 92D4 2 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:02:15 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92D4 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 15:04:34 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 92D4 13 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:03:49 GMT

GET
H2 200 95e6c1f88e21b7366c50a3f905bff199.js Show response
www.gstatic.com/mysidia/ Frame 92D4 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/95e6c1f88e21b7366c50a3f905bff199.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 18:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 21:04:36 GMT
server: sffe
age: 75239
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
expires: Thu, 29 Jul 2021 18:10:35 GMT

GET
DATA 200
OK truncated
/ Frame 1123 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1ee438cb4de4b5120482ef4c90dec4e97da26f044ab3c71ccb94b097ec3e6ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 92D4 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCNdFAm6NYIHkCMmqlgS2y46YBtry9atitcqpiJMNkc64zZQdEAEghK_RI2CVAqAB-5SVygPIAQmpAg5Mg9KHKrQ-qAMByAPLBKoE_wFP0PXQS0rkBPWeXn95AzJVAZAY0HvCvdl2PRRKcrVXc878e_Vlds1wfdAE-ix4kMpPqUeYOpCVe1IHptsAtscpPD_xHyVR3QZSYB8klf0CbMAU_Yg2plJISvDFMlnUZ_Hy4Li-XRCFIZELm6ltmEEq_kS8jRfPt2znWGHYfSoWJkksWTdjVW-2vTMQ5nmqStpZbtsHzqWdwdIlvIWM63IycFAqZWCcOlCoxb3S3cJTU3yrSxf-tHsfie-jmRcZs9ejUVZ6C55nkmzUR47xuKojBipFdBaN_h6I-nT4qduH3cVVI9okswduQGLG8KmU4u9JKgZb569rLB6WtZ4LPvfABNCZ4IzMA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe_5qaBAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQtpgD0ggJCIDhgBAQARgfgAoByAsB2BMC0BUBgBcBshcaChgIABIUcHViLTUzOTUwNTkwOTY0NTg5NjU&sigh=mQV3A6WA3Ys&template_id=494

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=4045866511&pi=t.aa~a.416591285~i.12~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=462&idt=-M&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0&nras=2&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=2ZQZMAgD5q&p=https%3A//www.guest-articles.com&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 01 May 2021 15:04:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 92D4 28 KB
29 KB 31ms
6ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSmKTgxJqNyU5HGeRtHLH917bOg52BiqRyDaqpl5hMhCnVuCqXntg5ccpVqb0g&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86dcf59259e9e4886dfe193535c2c8634c6a4a28e315b4ea50610c74cd283122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 23:36:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Jun 2017 09:37:48 GMT
server: sffe
age: 401305
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28990
x-xss-protection: 0
expires: Tue, 26 Apr 2022 23:36:09 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 92D4 30 KB
31 KB 31ms
6ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcThLfdFdQyxsuxXL30npfl3lkq0ZeDyPTn1O1P2ULiv91PzawDkq3EcA_lB5Q&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fdee9817841b44e952eb77bef7c13652ba1dc2960fc2846e297f6bb9a7abf33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 02:31:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jun 2020 17:33:26 GMT
server: sffe
age: 218005
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30892
x-xss-protection: 0
expires: Fri, 29 Apr 2022 02:31:09 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 92D4 42 KB
43 KB 17ms
13ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQX3T2dbDO5oHooYNuQcSjs_veyTcbvA03pW9j_wD_RVPoi9z4dbM9Auh-PRA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

917b73374a355460677ae2805965e990ef6b0ee95d2a5ac31a459fed20ae528d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 12:00:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 03:55:43 GMT
server: sffe
age: 183826
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43404
x-xss-protection: 0
expires: Fri, 29 Apr 2022 12:00:48 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 92D4 37 KB
37 KB 10ms
6ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSw8SvjgX6eoitDgWgv5qJV4t_c4otq19ya5UxaabTWSC2Kicu9uEhgRGempQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2017761d31bc5ad8821788ac03af4952291d19ca121fbe671aa06e7b6d52c047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:35:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jun 2018 02:14:37 GMT
server: sffe
age: 170922
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37797
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:35:52 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 92D4 35 KB
35 KB 36ms
13ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcST6TCSi_3NS1NeDa-I6PkzeUf3w0HDpp3mFUormyyR_BkEniolbXMMgulrDnI&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ade15298a2b4853d3345f21e5bf9813309f40e5ec11f6867cb73256b4aab31c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 03:06:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Feb 2020 12:31:43 GMT
server: sffe
age: 215864
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36016
x-xss-protection: 0
expires: Fri, 29 Apr 2022 03:06:50 GMT

GET
H3-29

200

8465805657729328989
tpc.googlesyndication.com/simgad/ Frame 92D4
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDn-cKLwAEQ9AMY9AMyCMDxQEMwArpD
https://tpc.googlesyndication.com/simgad/8465805657729328989

19 KB
19 KB

9ms
8ms

Image
image/jpeg

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8465805657729328989

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60533bcb6ad1b773a7e41682c923c8e4bf50f8936fde5e46b8c1639b90f4e6a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:44:03 GMT
x-content-type-options: nosniff
age: 170431
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19264
x-xss-protection: 0
last-modified: Thu, 14 May 2020 11:28:02 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 15:44:03 GMT

Redirect headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 17:21:39 GMT
x-content-type-options: nosniff
server: cafe
age: 78175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/8465805657729328989
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 30 May 2021 17:21:39 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame DC14 3 KB
552 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:800|Montserrat:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/2b040956e0b852f74dc3ceeb77875d75.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e82ae8f8c8936b86711f86321ba3ed3f3e11d5003d4a7ca7bd8fbad0e24f804e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 01 May 2021 14:48:13 GMT
server: ESF
date: Sat, 01 May 2021 15:04:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 May 2021 15:04:34 GMT

GET
H3-29 200 d4a366443545897da1eafeab7ce29204.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/media/ Frame DC14 39 KB
40 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/media/d4a366443545897da1eafeab7ce29204.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00a57a87c2d04a0811f1077bb6d08d17df458fc4da2f3ef081b6cc63fa9b0b97

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 188247
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40434
x-xss-protection: 0
last-modified: Sat, 09 Jan 2021 11:45:02 GMT
server: sffe
date: Thu, 29 Apr 2021 10:47:07 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 10:47:07 GMT

GET
H3-29 200 97face7b4fdd4245225eb11905291dbb.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/media/ Frame DC14 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/media/97face7b4fdd4245225eb11905291dbb.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938190272366586647/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43770dabce38d847ce1a73c61e292ce69ff60ed05a735d3679d53302bc89dc8c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 99870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2853
x-xss-protection: 0
last-modified: Sat, 09 Jan 2021 11:45:02 GMT
server: sffe
date: Fri, 30 Apr 2021 11:20:04 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 11:20:04 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9444 1 KB
749 B 8ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 01 May 2021 03:14:09 GMT
expires: Sun, 02 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 42625
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 92D4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dedf767a7dde0056407ae16eb845a17d99ca519cd1912fb72613e652d2858ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 92D4 20 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 23:13:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
age: 402658
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Tue, 26 Apr 2022 23:13:36 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 78C5 3 KB
578 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&slotname=2708305463&adk=3098185010&adf=4134371643&pi=t.ma~as.2708305463&w=1110&fwrn=4&fwrnh=100&lmt=1619881473&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473794&bpp=5&bdt=155&idt=69&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4494271932462&frm=20&pv=2&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ph7qc9CtcJ&p=https%3A//www.guest-articles.com&dtd=88

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 01 May 2021 14:11:18 GMT
server: ESF
date: Sat, 01 May 2021 15:04:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 May 2021 15:04:34 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame DC14 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:800|Montserrat:600

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 09:15:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:13:07 GMT
server: sffe
age: 107356
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19264
x-xss-protection: 0
expires: Sat, 30 Apr 2022 09:15:18 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame DC14 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:800|Montserrat:600

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:13:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:08 GMT
server: sffe
age: 103866
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19440
x-xss-protection: 0
expires: Sat, 30 Apr 2022 10:13:28 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 78C5 1 KB
919 B 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:03:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:03:28 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 78C5 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:01:18 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 78C5 2 KB
1 KB 15ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:02:15 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78C5 116 KB
35 KB 23ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 15:04:34 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 78C5 13 KB
6 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:03:49 GMT

GET
H3-29 200 95e6c1f88e21b7366c50a3f905bff199.js Show response
www.gstatic.com/mysidia/ Frame 78C5 25 KB
10 KB 15ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/95e6c1f88e21b7366c50a3f905bff199.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 13:01:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 00:12:13 GMT
server: sffe
age: 266568
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
expires: Tue, 27 Jul 2021 13:01:46 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C4EF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

20ms
15ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUnFUcBd3oZ7uhZmTOkHLbVQI31Nqg4SwNYlONIHtzfgqurv4FTxeSxhumR9RQY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 01 May 2021 15:04:34 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 01-May-2021 16:04:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 15:04:34 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 01 May 2021 15:04:34 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8237006826258067899/ Frame 78C5 49 KB
49 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8237006826258067899/downsize_200k_v1?w=600&h=314

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e60b5e8e12213ff73dc3cb5e5c79b05e5f1e77ba7c00c62fd216b9ca9579e3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 05:50:57 GMT
x-content-type-options: nosniff
age: 119617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50459
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 06:40:27 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 05:50:57 GMT

GET
DATA 200
OK truncated
/ Frame 78C5 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 78C5 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSYm-AW6NYPr-NtLAbJShs9gP4-iWwWLGsIez-Azl2NTYlRQQASCEr9EjYJUCoAHawpmHA8gBCagDAcgDywSqBPwBT9D4OfhKWGCnvcfLLHAXyKW0YGP5wsiPZc4qt4RaViFEL830KpMVagDTbzJfnLcs7-99sMmbs4n7-qxPJV5xIewbYEfBIzXsIS-4jxNmwgjiyzwAe7e9IhF0gU-FBrOh_eHrWIJXEjvA65UTzi3UIejeUy6ZbA17PwWj6JJeruMA9vZdS1W5DynO_AepqIBv11eayPR-fmhQ40QPrNXDsLD5pYHHv9Q1aQQRKnDuRsVGg_xP0tQZtJWchp4-dWp8QIg-zWMURwzLtm-3njaNdBLemYGWmUZEUVeg6cXNPBTzFNmOgfCQNEcOwvztW8gGdB8HrOXgK1D-aXsYwATv9d_UpwOSBQQIBBgBkgUECAUYBKAGLoAHjr3meKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBC54AjSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMNiBQBshcaChgIABIUcHViLTUzOTUwNTkwOTY0NTg5NjU&sigh=zrDTDQReNEU&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&slotname=2708305463&adk=3098185010&adf=4134371643&pi=t.ma~as.2708305463&w=1110&fwrn=4&fwrnh=100&lmt=1619881473&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881473794&bpp=5&bdt=155&idt=69&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4494271932462&frm=20&pv=2&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ph7qc9CtcJ&p=https%3A//www.guest-articles.com&dtd=88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 01 May 2021 15:04:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 78C5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9adb206df98c8fb492d771f6913b1d6ae7b2ad54afafe9c58ed9087a9f9c61e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9444 35 B
463 B 12ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBQCaRH-q_frQm1LnJSDKuw&google_cver=1&google_push=AQvitUKdyV_yQjF6juDhSzMiSo9jp504mzOxomnFLfyys8RjlyJEZA5GkOycp_bAtBB12fVyhQorH8pRWpWxZAXcqOMojGel7kC2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9444
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUKtgk5qyCQDWdT0wj7kcWtagQ2Q7yUDwqwG6jc...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUkxdUFnQUFCUkRULVhOaA&google_push=AQvitUKtgk5qyCQDWdT0wj7kcWtagQ2Q7yUDwqwG6jcfGAU5rE29Q_8gizby1Da5UignKSrAy9HLB1MqsjXF3vPY2gG68prioVBI

170 B
188 B

33ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUkxdUFnQUFCUkRULVhOaA&google_push=AQvitUKtgk5qyCQDWdT0wj7kcWtagQ2Q7yUDwqwG6jcfGAU5rE29Q_8gizby1Da5UignKSrAy9HLB1MqsjXF3vPY2gG68prioVBI

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUkxdUFnQUFCUkRULVhOaA&google_push=AQvitUKtgk5qyCQDWdT0wj7kcWtagQ2Q7yUDwqwG6jcfGAU5rE29Q_8gizby1Da5UignKSrAy9HLB1MqsjXF3vPY2gG68prioVBI
Date: Sat, 01 May 2021 15:04:34 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9444
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEMNELlPlrACNrhHNL9fOZzg&google_cver=1&google_push=AQvitUJD1cOQGDEZFN13TGJeK2Er5Yl9eNW-0Ayie2MxYTHxIgpH8upB_vGZE53noD8Z-80jgkvBXEjHXz4B_q-J5Pmk75Epguk1
https://rtb.openx.net/sync/dds?google_gid=CAESEMNELlPlrACNrhHNL9fOZzg&google_cver=1&google_push=AQvitUJD1cOQGDEZFN13TGJeK2Er5Yl9eNW-0Ayie2MxYTHxIgpH8upB_vGZE53noD8Z-80jgkvBXEjHXz4B_q-J5Pmk75Epguk1&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJD1cOQGDEZFN13TGJeK2Er5Yl9eNW-0Ayie2MxYTHxIgpH8upB_vGZE53noD8Z-80jgkvBXEjHXz4B_q-J5Pmk75Epguk1&google_hm=IizdIVrrxNksFxL4_TvIrw==

170 B
188 B

33ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJD1cOQGDEZFN13TGJeK2Er5Yl9eNW-0Ayie2MxYTHxIgpH8upB_vGZE53noD8Z-80jgkvBXEjHXz4B_q-J5Pmk75Epguk1&google_hm=IizdIVrrxNksFxL4_TvIrw==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:34 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJD1cOQGDEZFN13TGJeK2Er5Yl9eNW-0Ayie2MxYTHxIgpH8upB_vGZE53noD8Z-80jgkvBXEjHXz4B_q-J5Pmk75Epguk1&google_hm=IizdIVrrxNksFxL4_TvIrw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 23v1fiauarpgjh2r5pp5k2s96a4v0ri0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9444
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6c7E7UKfQYWG-ZJY76w41A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6c7E7UKfQYWG-ZJY76w41A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULeWJbCfnR4pNigt0tVXrwHasI4meNYEC_q3reCZuS9nkdwvQs6QDS7iaqgqwPTex-YqXYoXItfEZpCeWqnRjodBS88jMQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6c7E7UKfQYWG-ZJY76w41A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULeWJbCfnR4pNigt0tVXrwHasI4meNYEC_q3reCZuS9nkdwvQs6QDS7iaqgqwPTex-YqXYoXItfEZpCeWqnRjodBS88jMQ
Date: Sat, 01 May 2021 15:04:33 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9444
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEo6VaJocze3Sw1F7CnoZag&google_cver=1&google_push=AQvitUL64VY7OneSIyQ9nryKVsoHXSwmP-_stH8fomMh3WMEsAXZG9GoJ8E523mTvwmQ2RwnkQv...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081VkxURFQtMS0xS0JG&google_push=AQvitUL64VY7OneSIyQ9nryKVsoHXSwmP-_stH8fomMh3WMEsAXZG9GoJ8E523mTvwmQ2RwnkQvxXighMZBrr-G2KS8AbDhgu7M

170 B
188 B

33ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081VkxURFQtMS0xS0JG&google_push=AQvitUL64VY7OneSIyQ9nryKVsoHXSwmP-_stH8fomMh3WMEsAXZG9GoJ8E523mTvwmQ2RwnkQvxXighMZBrr-G2KS8AbDhgu7M

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081VkxURFQtMS0xS0JG&google_push=AQvitUL64VY7OneSIyQ9nryKVsoHXSwmP-_stH8fomMh3WMEsAXZG9GoJ8E523mTvwmQ2RwnkQvxXighMZBrr-G2KS8AbDhgu7M
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9444
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKaSFE3HdOEnwjaOEnrELrc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKaSFE3HdOEnwjaOEnrELrc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI1uAnHyXXddKRVygQ39JQAABFsAAAIB&google_cver=1&google_gid=CAESEKaSFE3HdOEnwjaOEnrELrc&google_push=AQvitUItgMu42cl44LHvzwQFvc95xCe4j6WAQ...

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI1uAnHyXXddKRVygQ39JQAABFsAAAIB&google_cver=1&google_gid=CAESEKaSFE3HdOEnwjaOEnrELrc&google_push=AQvitUItgMu42cl44LHvzwQFvc95xCe4j6WAQP3K8aWCg-6a04jpDdtM31QWykogfZN4HVLWJ1UO92JaXXKYXqswbaBvS_gxIMiu

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 01 May 2021 15:04:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI1uAnHyXXddKRVygQ39JQAABFsAAAIB&google_cver=1&google_gid=CAESEKaSFE3HdOEnwjaOEnrELrc&google_push=AQvitUItgMu42cl44LHvzwQFvc95xCe4j6WAQP3K8aWCg-6a04jpDdtM31QWykogfZN4HVLWJ1UO92JaXXKYXqswbaBvS_gxIMiu
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Sat, 01 May 2021 15:04:34 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9444
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHGdjTdlu_PdczaL81tPfeM&google_cver=1&google_push=AQvitUIuPfk597DJrGejuhTc...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIuPfk597DJrGejuhTcm7GzedIMLPv3d-JAqmZmNS0dn2anxxSseSpm5hxHbAEJMHpaKUVmp9W1J0nQ69uhiT3UKqDWrHyH8A&google_hm=

170 B
188 B

35ms
34ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIuPfk597DJrGejuhTcm7GzedIMLPv3d-JAqmZmNS0dn2anxxSseSpm5hxHbAEJMHpaKUVmp9W1J0nQ69uhiT3UKqDWrHyH8A&google_hm=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:34 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIuPfk597DJrGejuhTcm7GzedIMLPv3d-JAqmZmNS0dn2anxxSseSpm5hxHbAEJMHpaKUVmp9W1J0nQ69uhiT3UKqDWrHyH8A&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Fri, 30 Apr 2021 15:04:34 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9444 0
49 B 30ms
29ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JDKYTm_mQbax2r1rKBbvDAO7DsHPnMvJuuIuDuSRDrOYhzffGxXU5g9iG6ND1lVGgWU-fE-A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:34 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 78C5 21 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 536456
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 78C5 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:13:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 103867
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Sat, 30 Apr 2022 10:13:27 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame CEAA 2 KB
531 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 01 May 2021 14:12:03 GMT
server: ESF
date: Sat, 01 May 2021 15:04:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 May 2021 15:04:34 GMT

GET
H3-29 200 JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js Show response
pagead2.googlesyndication.com/bg/ Frame D5EC 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

271b52536dd08a5712dc7ab577de4f9f2fd8641bd5538177ee783e3579f79f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 78689
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5669
x-xss-protection: 0
expires: Sat, 30 Apr 2022 17:13:05 GMT

GET
H3-29 200 JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js Show response
pagead2.googlesyndication.com/bg/ Frame DC14 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

271b52536dd08a5712dc7ab577de4f9f2fd8641bd5538177ee783e3579f79f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 78689
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5669
x-xss-protection: 0
expires: Sat, 30 Apr 2022 17:13:05 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame CEAA 1 KB
919 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:03:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:03:28 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame CEAA 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:01:18 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame CEAA 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:02:15 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CEAA 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 15:04:34 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame CEAA 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 15:03:49 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame CEAA 0
0 16ms
16ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQCWxZbEqsVZzCrdtZiHncu7mxEjtbrd5gmNbcfe9eoFp5jMBPl3LnFetxQX_7jHlS4yIbQiRf8SExUNrDa7LQWdEl3lQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 95e6c1f88e21b7366c50a3f905bff199.js Show response
www.gstatic.com/mysidia/ Frame CEAA 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/95e6c1f88e21b7366c50a3f905bff199.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 13:01:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 00:12:13 GMT
server: sffe
age: 266568
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
expires: Tue, 27 Jul 2021 13:01:46 GMT

GET
H3-29 200 shopping
encrypted-tbn0.gstatic.com/ Frame CEAA 19 KB
19 KB 25ms
9ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR9SHWNi1s4-70BhDpRASUbq5InwjuKVaKB-UipjWHxTGO2os4&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b89caf96ac2cabced88f0a29a7d5d7bbf345bf1e46ce57c75d2bb301f578ce3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 02:03:32 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Jan 2019 00:37:13 GMT
server: sffe
age: 219662
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19558
x-xss-protection: 0
expires: Fri, 29 Apr 2022 02:03:32 GMT

GET
H3-29 200 shopping
encrypted-tbn0.gstatic.com/ Frame CEAA 33 KB
33 KB 22ms
6ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR4yKN3YfygLPzu-bruIWJ8Dr25CzbQxBfQ3jC8jjm8k4BVlbofvMoZS747SPE&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6bec907e9c9433c081a393028138cadfa0b553d0f84450dedb54ab78bbede8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:01:30 GMT
x-content-type-options: nosniff
last-modified: Wed, 16 Oct 2019 09:52:57 GMT
server: sffe
age: 104584
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33321
x-xss-protection: 0
expires: Sat, 30 Apr 2022 10:01:30 GMT

GET
H3-29 200 shopping
encrypted-tbn1.gstatic.com/ Frame CEAA 28 KB
28 KB 26ms
7ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSH_WBhpAM2tsl8tV-953-TDlOz9ah3GUGMceN-q352alyrFyPb9B3DMJLDqRI&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13a7dba89a8b19adf77aa4eba9679bf58da7bca8068aec8a5e173afb5c2c5e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 06:54:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 Jan 2021 20:32:20 GMT
server: sffe
age: 547824
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Mon, 25 Apr 2022 06:54:10 GMT

GET
H3-29

200

6037977029595278777
tpc.googlesyndication.com/simgad/ Frame CEAA
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDPuoCdLhCwCRisAjIIDwAhueo-8IU
https://tpc.googlesyndication.com/simgad/6037977029595278777

148 KB
148 KB

8ms
7ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6037977029595278777

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd127d352968353a32ac7851343015c73cae54a4a6a855a42ecae4889b435242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:35:42 GMT
x-content-type-options: nosniff
age: 170932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 151821
x-xss-protection: 0
last-modified: Fri, 30 Oct 2020 23:23:16 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 15:35:42 GMT

Redirect headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 15:35:37 GMT
x-content-type-options: nosniff
server: cafe
age: 84537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6037977029595278777
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 30 May 2021 15:35:37 GMT

GET
H3-29 200 JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F7F 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

271b52536dd08a5712dc7ab577de4f9f2fd8641bd5538177ee783e3579f79f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 78689
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5669
x-xss-protection: 0
expires: Sat, 30 Apr 2022 17:13:05 GMT

GET
H2

200

view_pixel_1x1.gif Show response
secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/ Frame CEAA
Redirect Chain

https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-157687-884638-9&mkcid=4&mkevt=2&mpt=1746106824&ff18=mWeb&siteid=77&adtype=0&size=1x1&ipn=admain2&placement=529704
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

43 B
485 B

69ms
23ms

Fetch
image/gif

184.30.25.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.25.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-25-27.deploy.static.akamaitechnologies.com

Software

ebay server /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

suppress-x-frame-options: true
content-encoding: gzip
x-content-type-options: nosniff
x-cache-lookup: HIT from include-cache-3:80
akamai-grn: 0.b5247e68.1619881475.f69efb0
content-length: 57
x-xss-protection: 1; mode=block
server: ebay server
date: Sat, 01 May 2021 15:04:35 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
rlogid: t6q%60uebwh%3D9whhq%60uebwh*stekt%28rbpv6702-1756a7d5019-0xc0
access-control-allow-headers: *
expires: Sun, 01 May 2022 15:04:35 GMT

Redirect headers

Date: Sat, 01 May 2021 15:04:35 GMT
Strict-Transport-Security: max-age=31536000
Location: https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
Cache-Control: private,no-cache,no-store
RlogId: t6baubqsodf%3F%3Ckuvgcp%60tqjfc*%60avj5%28rbpv6762-1792875bd3c-0x2358
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 0

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame CEAA 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cww44Am6NYIuECZWwlgSVwp-oBI25zZFizMfQ__0L84K2oKwYEAEghK_RI2CVAqAB7YPNwQPIAQmpAg5Mg9KHKrQ-qAMByAPLBKoEhAJP0KH8rB9G0g79uyiwi0RKJiCbVWVitmKEDEgaSZsVF-KiOT4r7L4pdEMllV6xG7jDHdxfEY-lf4Wi9Pc9haU0ALlE67c_0aDisHxxZIZ9lkz_jOAPeUvf93ji3kVAUJrfO9BRjTzxK4ZOaJLdlQ2yl7B8NjPgQ1xvcoedNdisawyYzbZCPahn6_zRnXekiI49CchKFXecQ0GqbtdphMBd7R_bskGYk10_bsG2ItcQiEx61OcisBafqfwXv--OLkTxf-9ExJpIirIdkRST1kOKjUPVDUSlIfjlUwaUv3lgBwGUh50jaBaIALbNp2SMMQA7X5Kn-JN3nfQSX508KPjw8FpWAsAE9oe3-8ECkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_v7sj6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPiKBdIICQiA4YAQEAEYH4AKAcgLAdgTC4gUBZgWAbIXGgoYCAASFHB1Yi01Mzk1MDU5MDk2NDU4OTY1&sigh=LNASo3lcTQ8&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 01 May 2021 15:04:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C72A 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 01 May 2021 03:14:09 GMT
expires: Sun, 02 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 42625
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CEAA 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22316814ab12dd00392aed4cf436671062b5bc78dad63e7df18891ef8881441f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame CEAA 20 KB
20 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 03:57:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
age: 126442
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Sat, 30 Apr 2022 03:57:13 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C72A
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUKHqM7S9V88Q3jKV1MkFCMPbSejyaIQjhpDHli...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUkxdUF3QUFCZkQ5VHdYeQ&google_push=AQvitUKHqM7S9V88Q3jKV1MkFCMPbSejyaIQjhpDHlin6qmsSTrqc_hvxXXMw5VHOjTFqXaDkI_RsOwHA3886zz-7M7VpT9KeW8i

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUkxdUF3QUFCZkQ5VHdYeQ&google_push=AQvitUKHqM7S9V88Q3jKV1MkFCMPbSejyaIQjhpDHlin6qmsSTrqc_hvxXXMw5VHOjTFqXaDkI_RsOwHA3886zz-7M7VpT9KeW8i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUkxdUF3QUFCZkQ5VHdYeQ&google_push=AQvitUKHqM7S9V88Q3jKV1MkFCMPbSejyaIQjhpDHlin6qmsSTrqc_hvxXXMw5VHOjTFqXaDkI_RsOwHA3886zz-7M7VpT9KeW8i
Date: Sat, 01 May 2021 15:04:35 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C72A
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJPvYHI...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJPvYHI...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MDExNTA0MzUzOTA0MTc4MDMyMDc1Mg%3D%3D&google_push=AQvitUJPvYHIl0bmk_VsoDYohVVe8Ffn4vs6A6OWJoyUFQNDANCLmEUuQnKkW_xcBU2JFw...

170 B
188 B

32ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MDExNTA0MzUzOTA0MTc4MDMyMDc1Mg%3D%3D&google_push=AQvitUJPvYHIl0bmk_VsoDYohVVe8Ffn4vs6A6OWJoyUFQNDANCLmEUuQnKkW_xcBU2JFwcCYi4OymY9fZuuFyrsKX_RjXtcvIQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MDExNTA0MzUzOTA0MTc4MDMyMDc1Mg%3D%3D&google_push=AQvitUJPvYHIl0bmk_VsoDYohVVe8Ffn4vs6A6OWJoyUFQNDANCLmEUuQnKkW_xcBU2JFwcCYi4OymY9fZuuFyrsKX_RjXtcvIQ
Pragma: no-cache
Date: Sat, 01 May 2021 15:04:35 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C72A
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEE41fgxvngLj2lilrMF5K-4&google_cver=1&google_push=AQvitUI81aHW2SmvubvGDs5Z6jl4VSqAJNwxZwZc0c3updmz6QFuxarMULs1kQc0ONTzU6cOt8tvwDURsB1YObk-rVGbU-j5NoD8
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI81aHW2SmvubvGDs5Z6jl4VSqAJNwxZwZc0c3updmz6QFuxarMULs1kQc0ONTzU6cOt8tvwDURsB1YObk-rVGbU-j5NoD8&google_hm=IizdIVrrxNksFxL4_TvIrw==

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI81aHW2SmvubvGDs5Z6jl4VSqAJNwxZwZc0c3updmz6QFuxarMULs1kQc0ONTzU6cOt8tvwDURsB1YObk-rVGbU-j5NoD8&google_hm=IizdIVrrxNksFxL4_TvIrw==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:34 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI81aHW2SmvubvGDs5Z6jl4VSqAJNwxZwZc0c3updmz6QFuxarMULs1kQc0ONTzU6cOt8tvwDURsB1YObk-rVGbU-j5NoD8&google_hm=IizdIVrrxNksFxL4_TvIrw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 1g3or28gm4c4kdl831nam6sussq6tf17

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C72A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6c7E7UKfQYWG-ZJY76w41A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6c7E7UKfQYWG-ZJY76w41A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULgf7N_LlMDHTqbHryLoItmAeh20ym_8L_2TT6sg4rOdhIPnGi1lRyTs6txw_fY-gUbj3EqJODFQ2qXIq7gCGobDWfhO-4e

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6c7E7UKfQYWG-ZJY76w41A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULgf7N_LlMDHTqbHryLoItmAeh20ym_8L_2TT6sg4rOdhIPnGi1lRyTs6txw_fY-gUbj3EqJODFQ2qXIq7gCGobDWfhO-4e
Date: Sat, 01 May 2021 15:04:33 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C72A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAqBsV7iQxjLyG2-v-nLA5o&google_cver=1&google_push=AQvitUJ2GX9SJRIREmPbXF-iRot5ZKWUC6pxNe2IXfqqixsNi7s8dLdR9E_9HM3nS3hqksjC-AG...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081VkxUTUstUy1HVVNZ&google_push=AQvitUJ2GX9SJRIREmPbXF-iRot5ZKWUC6pxNe2IXfqqixsNi7s8dLdR9E_9HM3nS3hqksjC-AG_x6qtT6wvoKF4c_UOQqilIPCr

170 B
188 B

33ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081VkxUTUstUy1HVVNZ&google_push=AQvitUJ2GX9SJRIREmPbXF-iRot5ZKWUC6pxNe2IXfqqixsNi7s8dLdR9E_9HM3nS3hqksjC-AG_x6qtT6wvoKF4c_UOQqilIPCr

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081VkxUTUstUy1HVVNZ&google_push=AQvitUJ2GX9SJRIREmPbXF-iRot5ZKWUC6pxNe2IXfqqixsNi7s8dLdR9E_9HM3nS3hqksjC-AG_x6qtT6wvoKF4c_UOQqilIPCr
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C72A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIYz2B4D5_US4eftckHtHuU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI1uAnHyXXddKRVygQ39JQAABFsAAAIB&google_push=AQvitULFaVZk5z9rLMcoScz_AbTADQ8fAmo2rDxFwwgEcf6wGq_UlTsLDSJHZWwjwD2AZkoQtKMNv5v0wW4HQOQ34P...

170 B
188 B

35ms
35ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI1uAnHyXXddKRVygQ39JQAABFsAAAIB&google_push=AQvitULFaVZk5z9rLMcoScz_AbTADQ8fAmo2rDxFwwgEcf6wGq_UlTsLDSJHZWwjwD2AZkoQtKMNv5v0wW4HQOQ34PU7mypW1Ho&google_gid=CAESEIYz2B4D5_US4eftckHtHuU&google_cver=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 01 May 2021 15:04:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI1uAnHyXXddKRVygQ39JQAABFsAAAIB&google_push=AQvitULFaVZk5z9rLMcoScz_AbTADQ8fAmo2rDxFwwgEcf6wGq_UlTsLDSJHZWwjwD2AZkoQtKMNv5v0wW4HQOQ34PU7mypW1Ho&google_gid=CAESEIYz2B4D5_US4eftckHtHuU&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Sat, 01 May 2021 15:04:35 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C72A
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJxDuDj7kd4ym42GCOYvUEU&google_cver=1&google_push=AQvitUKM1UXN8TO3MC0-hg5N...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKM1UXN8TO3MC0-hg5NG7tc9s0Q7zB-2Ra8lkHxmanftJgZQXOcAXxtELqx9qqgu3OapUqJbmdxYzqFDp9gA3ght77LBZn8&google_hm=

170 B
188 B

33ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKM1UXN8TO3MC0-hg5NG7tc9s0Q7zB-2Ra8lkHxmanftJgZQXOcAXxtELqx9qqgu3OapUqJbmdxYzqFDp9gA3ght77LBZn8&google_hm=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:35 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKM1UXN8TO3MC0-hg5NG7tc9s0Q7zB-2Ra8lkHxmanftJgZQXOcAXxtELqx9qqgu3OapUqJbmdxYzqFDp9gA3ght77LBZn8&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Fri, 30 Apr 2021 15:04:35 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame C72A 0
12 B 30ms
29ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jghyor3xPudRvqH2Ea0f2E90wyYFOTqa0JAGh_IZIEnyQYON641t8M1piK94KQ3mhOUxoooQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 15:04:35 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 2962 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2100715961&pi=t.aa~a.416591285~i.24~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1619881474&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6996947089&psa=0&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2F7-unusual-formations-which-ever-used-in-football-18-04-2021&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619881474102&bpp=1&bdt=463&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc750f7f633e4b697-22a2e4dbf7c70046%3AT%3D1619881473%3ART%3D1619881473%3AS%3DALNI_MYK8xjg178X2WzE6md-zwcNBdZj_w&prev_fmts=1110x280%2C823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=4494271932462&frm=20&pv=1&ga_vid=1403322918.1619881474&ga_sid=1619881474&ga_hid=47171394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C31060711%2C31060839&oid=3&pvsid=3796987529751018&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=8vCCkxLgjf&p=https%3A//www.guest-articles.com&dtd=27

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

271b52536dd08a5712dc7ab577de4f9f2fd8641bd5538177ee783e3579f79f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 78690
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5669
x-xss-protection: 0
expires: Sat, 30 Apr 2022 17:13:05 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 636D 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuODnXSSyBU7RfOsj2IRLkHZV4uvn8g2AxwWx9eQ_lbg4e6zQQxcDUD7oHNu4TPy6OS9HOay4Xwjx6pdYreOJHyLK6vY5c9u5sO58dUuDMCprclu9UvtMrQkF2IUg&sai=AMfl-YTzLSkMgnQifDflQg2jDppta90D4vNFJjZVs-c5ta3y6hnlpHAoJE3vp22B6vZhWi19Mhhvc57c5u1F&sig=Cg0ArKJSzK7bwF4OYzQcEAE&id=lidar2&mcvt=1000&p=916,270,1116,1046&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210430&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2515041999&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619881473899&dlt=322&rpt=64&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1123 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiEiJNS-Sg58UEQOLoaqC-8oEB7JA4XgDLVRLUtNuqgTNiQd_KHsXoz8RhSA3cw0-_ZW-C2g616gJT4nFNxL8XxBXypchbQoOPJZ333iGQolG5lwOI55DbKO59tw&sai=AMfl-YTARJxiUBGgVFRCtPTmwkyxSppSKtRlTtDO987qG6cJ1hW8V3rf5KaQfes0cw3soF2gTPT_0YalwDZn&sig=Cg0ArKJSzIBXZAMDS1RKEAE&id=lidar2&mcvt=1000&p=385,1102,891,1355&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210430&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=234751482&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619881473906&dlt=535&rpt=66&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 78C5 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEs9ju8q_FWcVu95Khr2_fVJLbYr5pG5h4aWRaT7yds3Q4KK21N6XcuykvS2Gc4IBHxPpy4CZN8IErzYC2chFy-Hs8C86JzaZ9Z9Lvkkk00n-GiroDIKXsSq6toQ&sai=AMfl-YQYAssxhkH8dF4mK8sFh9GGmy3oEbQj3urFu2yXRznvXPJzbTv80E2rRP-pZGguhhWW6SvlSz0e1fja&sig=Cg0ArKJSzKZLTEQMG7oeEAE&id=lidar2&mcvt=1000&p=80,245,360,1355&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210430&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3098185010&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1619881473885&dlt=676&rpt=93&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 15:04:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.guest-articles.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: fc389f5b9c37df22724bbcb8cc0d50bf
			.guest-articles.com/	1970-01-19 18:41:13	Name: __cfduid Value: d4dca4736bfbdee0df01ff8e0c37eeb6d1619881473

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
img.guest-articles.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
secureir.ebaystatic.com
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.ebayadservices.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.guest-articles.com
142.250.181.226
142.250.185.98
142.250.186.34
184.30.25.27
185.64.189.115
2.18.234.21
2001:4de0:ac18::1:a:3a
216.113.181.212
217.182.200.19
2606:4700:3034::6815:3f11
2606:4700::6810:a723
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:801::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200e
34.246.227.69
35.227.252.103
52.41.112.73
69.173.144.139
00a57a87c2d04a0811f1077bb6d08d17df458fc4da2f3ef081b6cc63fa9b0b97
02aa7720a28f292170a06052b80a192437ed79746b7697daab5bc59d2b8f42bc
09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8
0ade15298a2b4853d3345f21e5bf9813309f40e5ec11f6867cb73256b4aab31c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
13a7dba89a8b19adf77aa4eba9679bf58da7bca8068aec8a5e173afb5c2c5e70
173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
2017761d31bc5ad8821788ac03af4952291d19ca121fbe671aa06e7b6d52c047
22316814ab12dd00392aed4cf436671062b5bc78dad63e7df18891ef8881441f
238407bbe4d126162d47be72f588fd8091dc7a4d5230aeb491ef173b9185fea1
271b52536dd08a5712dc7ab577de4f9f2fd8641bd5538177ee783e3579f79f6a
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
41d159ca2d209e1c33cfe3a33748c52a09b652101fe7182ac8cda67bd9487b86
43770dabce38d847ce1a73c61e292ce69ff60ed05a735d3679d53302bc89dc8c
437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4da5a79385eb0e03cc721d86a3c549a37e4ec79918b372fbfd6f05a7ed7a7dbf
54b14d96cebf1df7986d63b77b853ba6aff246a5a70f686b3080b86df5b153bb
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
59f0151c21d999ed4a2a4c67011ebc89549fd5d2851221b6b29b4b5773a7f382
5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5efb0fac9c1b8228cefdcb4ac500cabd7d95507bb50e4acfe16e510303561db7
60533bcb6ad1b773a7e41682c923c8e4bf50f8936fde5e46b8c1639b90f4e6a1
63ce42c37fd324ab20fdbade7a15ccd2585c42929af8a17ae6432dc406ce0bf6
665912d0b6734bcd2c38d72e39ee9532b3502714f199191414e326a329a65fd2
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
698a96d8eb0d9f7705ae941928b11f4ece9c31c978830be8a0ae9b7f8075774f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dedf767a7dde0056407ae16eb845a17d99ca519cd1912fb72613e652d2858ce
6f6c1a0b6433e0c650da81a70a1e5004a57320cb13cd188db68d309ac8fe9b16
7140b73fbdfb6744652a049bab08da55daf4bbaa76bd1766e6f031c088ec72e4
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
86d15dea013c4d1f2c837861a9b9249b0a4d3e603507c4b0615a0d9a00c6965c
86dcf59259e9e4886dfe193535c2c8634c6a4a28e315b4ea50610c74cd283122
90e1964b366729d0346b2daf96f9932b80ba38e6f0fc65e05341743f17c556cf
917b73374a355460677ae2805965e990ef6b0ee95d2a5ac31a459fed20ae528d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9fdee9817841b44e952eb77bef7c13652ba1dc2960fc2846e297f6bb9a7abf33
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a155d66f15852325996296a82d80637118aeccb36197f72a59ffc977bf6f5c54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a9adb206df98c8fb492d771f6913b1d6ae7b2ad54afafe9c58ed9087a9f9c61e
aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331
b89caf96ac2cabced88f0a29a7d5d7bbf345bf1e46ce57c75d2bb301f578ce3d
bf3913065b4e4c05bbfe5b261b6227f79b5ae3b9ece80c90da9527e1b7920ac2
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c71f90aebb217fec76b2d1e6974ed8036ce4fe694709cc5ae03dfb5e9f3d711f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd127d352968353a32ac7851343015c73cae54a4a6a855a42ecae4889b435242
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d1ee438cb4de4b5120482ef4c90dec4e97da26f044ab3c71ccb94b097ec3e6ba
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60b5e8e12213ff73dc3cb5e5c79b05e5f1e77ba7c00c62fd216b9ca9579e3e9
e82ae8f8c8936b86711f86321ba3ed3f3e11d5003d4a7ca7bd8fbad0e24f804e
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
ee6ac0af710ec6172becfb95c4f412e860ae3b49729da1ffe35b3ab77fe13172
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f6bec907e9c9433c081a393028138cadfa0b553d0f84450dedb54ab78bbede8f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.guest-articles.com Open in urlscan Pro 2606:4700:3034::6815:3f11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

126 Requests

100 %HTTPS

68 %IPv6

23 Domains

31 Subdomains

29 IPs

6 Countries

1664 kBTransfer

3466 kBSize

2 Cookies

6 Outgoing links

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.guest-articles.com Open in urlscan Pro
2606:4700:3034::6815:3f11 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

100 %
HTTPS

68 %
IPv6

23
Domains

31
Subdomains

29
IPs

6
Countries

1664 kB
Transfer

3466 kB
Size

2
Cookies

126 HTTP transactions
6 data transactions