URL: https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Submission: On September 14 via manual from IN

Summary

This website contacted 13 IPs in 5 countries across 10 domains to perform 39 HTTP transactions. The main IP is 40.113.90.202, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.howdidido.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on July 27th 2020. Valid for: 6 months.
This is the only time www.howdidido.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 40.113.90.202 8075 (MICROSOFT...)
1 95.211.66.34 60781 (LEASEWEB-...)
4 2a00:1450:400... 15169 (GOOGLE)
4 172.217.23.130 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:233... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 40.114.241.141 8075 (MICROSOFT...)
39 13
Domain Requested by
9 www.howdidido.com www.howdidido.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 dc.services.visualstudio.com az416426.vo.msecnd.net
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.howdidido.com
3 pagead2.googlesyndication.com az416426.vo.msecnd.net
3 www.googletagservices.com www.howdidido.com
securepubads.g.doubleclick.net
2 www.google-analytics.com www.howdidido.com
www.google-analytics.com
1 www.google.com securepubads.g.doubleclick.net
1 stats.g.doubleclick.net az416426.vo.msecnd.net
1 99bcc73e407e3417829cc999a9d05239.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 az416426.vo.msecnd.net www.howdidido.com
1 s.clickiocdn.com www.howdidido.com
39 14

This site contains links to these domains. Also see Links.

Domain
help.howdidido.com
www.facebook.com
www.twitter.com
www.youtube.com
Subject Issuer Validity Valid
www.howdidido.com
GeoTrust RSA CA 2018
2020-07-27 -
2021-01-27
6 months crt.sh
s.clickiocdn.com
Let's Encrypt Authority X3
2020-07-05 -
2020-10-03
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-08-26 -
2020-11-18
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-08-26 -
2020-11-18
3 months crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2020-04-16 -
2022-04-21
2 years crt.sh
*.google.de
GTS CA 1O1
2020-08-26 -
2020-11-18
3 months crt.sh
*.google.com
GTS CA 1O1
2020-08-26 -
2020-11-18
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-08-26 -
2020-11-18
3 months crt.sh
www.google.com
GTS CA 1O1
2020-08-26 -
2020-11-18
3 months crt.sh
in.applicationinsights.azure.com
Microsoft IT TLS CA 4
2020-04-30 -
2022-04-30
2 years crt.sh

This page contains 3 frames:

Primary Page: https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Frame ID: 1E9AD3852A9403262AF8AC46058C8AD2
Requests: 30 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssisTWMVFcicMNYNRfbPIm-SjZvvM2R3b0iZ1xXuG0FARQ1h3qkDRvGPk6zF3hxiSm2_vEZncKNe0MJ0Jy5a31MWGmpjZqu3fscd1uBX5YKoyoFE_nqE04IX90IKvi_hkqm25xSx7U9K0ADnpDZL6tiN94vfp_7YtEaxXT_AtTAfwuoNcHGlOfh3K6quuU0WupolOWQqxBlB-CvcngWuz1rEBQKxKLfZ0rHW1qHEGtmRgvtMK9Yr209SEr1OyeDpXnaJ6rhE_rbL4i8pVs&sai=AMfl-YSXenHpKWAWWDCnEoPJ_LB5VzCw13ChOxYhbnklIwE7gI4Xn_WpWtqfquvuCvuoW-wuFJwoSC41HfOXbsgh42xOAYOPf2Wzc3gnFL_1LonrVqfaRULVmNUx1pLcZXs&sig=Cg0ArKJSzNPpb9yxrtXXEAE&adurl=
Frame ID: 29807CC8D3CB4AFFF9EBDC584BB9D32B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 455B116D2A4D2562BB212E97734069E1
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

39
Requests

97 %
HTTPS

67 %
IPv6

10
Domains

14
Subdomains

13
IPs

5
Countries

876 kB
Transfer

1818 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 992e98d7-0977-48c8-bff4-e99895f6e63d
www.howdidido.com/Redirect/By/
28 KB
8 KB
Document
General
Full URL
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.113.90.202 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f0416df0d3ee9f9293ece2af373be9b42c426fdac3b49cd4d82a74c999af896e

Request headers

Host
www.howdidido.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
private
Content-Length
8006
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Trace-Id
0ebf0c0a-a3cf-4e4b-b30f-695f719e9a45
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
Date
Mon, 14 Sep 2020 10:02:45 GMT
css
www.howdidido.com/Content/
459 KB
249 KB
Stylesheet
General
Full URL
https://www.howdidido.com/Content/css?v=Ys8EG1adSygxp-OHPE_eehDQ1Fk20ILHojR64k8Q_Pk1
Requested by
Host: www.howdidido.com
URL: https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.113.90.202 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1fe8ab27fa0c7d9dd71e7a2b467e981b7678bdcfe0dc05779ce8dab63dce0080

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
e398c918-15bc-4ec7-93a6-826d785e8cad
Date
Mon, 14 Sep 2020 10:02:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Sep 2020 10:02:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public
Transfer-Encoding
chunked
Expires
Tue, 14 Sep 2021 10:02:46 GMT
modernizr
www.howdidido.com/bundles/
11 KB
5 KB
Script
General
Full URL
https://www.howdidido.com/bundles/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1
Requested by
Host: www.howdidido.com
URL: https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.113.90.202 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
3cf1584f-6c52-4c2e-a0b0-9c33c889df94
Date
Mon, 14 Sep 2020 10:02:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Sep 2020 10:02:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
5229
Expires
Tue, 14 Sep 2021 10:02:46 GMT
jquery
www.howdidido.com/bundles/
91 KB
42 KB
Script
General
Full URL
https://www.howdidido.com/bundles/jquery?v=FVs3ACwOLIVInrAl5sdzR2jrCDmVOWFbZMY6g6Q0ulE1
Requested by
Host: www.howdidido.com
URL: https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.113.90.202 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8e36a92b48ce8c4a823f7703ae2b1d91a96baf49a3c5c20fa0441df4c20bb3ec

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
611681ae-2396-4d8e-8833-1dd125401401
Date
Mon, 14 Sep 2020 10:02:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Sep 2020 10:02:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
42177
Expires
Tue, 14 Sep 2021 10:02:46 GMT
jqueryval
www.howdidido.com/bundles/
25 KB
10 KB
Script
General
Full URL
https://www.howdidido.com/bundles/jqueryval?v=hEGG8cMxk9p0ncdRUOJ-CnKN7NezhnPnWIvn6REucZo1
Requested by
Host: www.howdidido.com
URL: https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.113.90.202 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
52a8b689a73c228618294e3e544fac3e62507eabf2fe490dc77a00c16e34c452

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
14ab44f9-b2b8-4df3-8b73-090d91faef64
Date
Mon, 14 Sep 2020 10:02:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Sep 2020 10:02:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
9965
Expires
Tue, 14 Sep 2021 10:02:46 GMT
consent_213408.js
s.clickiocdn.com/t/
603 B
528 B
Script
General
Full URL
https://s.clickiocdn.com/t/consent_213408.js
Requested by
Host: www.howdidido.com
URL: https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
7ea995caf4f0653a2f5bb6db20bc5b7f51b6cb0b16c9e7e9a9dbb1f0db78d7cf

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 10:02:46 GMT
content-encoding
gzip
last-modified
Tue, 08 Sep 2020 13:17:12 GMT
server
nginx/1.16.0
etag
W/"5f578458-25b"
status
200
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
expires
Mon, 14 Sep 2020 10:32:46 GMT
icon.png
www.howdidido.com/Content/images/
2 KB
2 KB
Image
General
Full URL
https://www.howdidido.com/Content/images/icon.png
Requested by
Host: www.howdidido.com
URL: https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.113.90.202 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ecba713de2eba66f0cb070f78cd4317668aff9ff566f5618c4be663a83f3f508

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 10:02:46 GMT
Last-Modified
Wed, 09 Sep 2020 16:55:32 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"05a6b7ca86d61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2260
bootstrap
www.howdidido.com/bundles/
91 KB
35 KB
Script
General
Full URL
https://www.howdidido.com/bundles/bootstrap?v=4C0Qt8IJXg2rEblBGzs8PhKsF6vTdP9eSMB1TpaZ5sc1
Requested by
Host: www.howdidido.com
URL: https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.113.90.202 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8bbd9d1e432d4fe6174d6d1ca29eea04e1372c107b0a13dd23c2890b55787c30

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
c6d7e7fe-ab75-4cdb-a569-4e7fb5f6df8e
Date
Mon, 14 Sep 2020 10:02:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Sep 2020 10:02:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
35817
Expires
Tue, 14 Sep 2021 10:02:46 GMT
moment
www.howdidido.com/bundles/
184 KB
70 KB
Script
General
Full URL
https://www.howdidido.com/bundles/moment?v=FxCjorqTI68ng3x8X3ruJAkRKlQ8jCTSR_Yz_rQzQfw1
Requested by
Host: www.howdidido.com
URL: https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.113.90.202 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b566de4f803af099e19f9e9700c3806b35042fce55c31c0fe66597c5a07344af

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
b2c72017-5e34-4284-8d25-f9c995e94a27
Date
Mon, 14 Sep 2020 10:02:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Sep 2020 10:02:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Transfer-Encoding
chunked
Expires
Tue, 14 Sep 2021 10:02:46 GMT
clubsystems
www.howdidido.com/bundles/
63 KB
23 KB
Script
General
Full URL
https://www.howdidido.com/bundles/clubsystems?v=SpG7juNRTanNRy-EO9y_pSsWNyAfjC5C7uXXvMegxzQ1
Requested by
Host: www.howdidido.com
URL: https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.113.90.202 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6195e54362e3d002bad1e20f2be16ae00f15cdc84bb93cba1c70ab95125df75d

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
2b4fc64b-18e1-4e88-8bcf-120599012592
Date
Mon, 14 Sep 2020 10:02:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Sep 2020 10:02:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
23512
Expires
Tue, 14 Sep 2021 10:02:46 GMT
truncated
/
20 KB
20 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83eb9d93ccf4f53341dc94c9633d75ddae047c6b20d6d3b6bc4952527de12168

Request headers

Origin
https://www.howdidido.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
gpt.js
www.googletagservices.com/tag/js/
55 KB
19 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.howdidido.com
URL: https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e37e2781cbd3b06ffe25def4986135d700a5c3ab7dad85a3d57aa5dce9819ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 14 Sep 2020 10:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"632 / 571 of 1000 / last-modified: 1600076428"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
18872
x-xss-protection
0
expires
Mon, 14 Sep 2020 10:02:46 GMT
pubads_impl_2020090901.js
securepubads.g.doubleclick.net/gpt/
263 KB
93 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090901.js?21067417
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f130.1e100.net
Software
sffe /
Resource Hash
03a8445ca3eb037eb2bfeced4190d3dc8da6efed86635e4239dda4cdc0aa98c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 14 Sep 2020 10:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 08:39:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94264
x-xss-protection
0
expires
Mon, 14 Sep 2020 10:02:46 GMT
truncated
/
21 KB
21 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf3063718ce2c1e417a8a3e44c4f80a7cb0d418bac795ff12c686231533cd1d7

Request headers

Origin
https://www.howdidido.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/
82 KB
82 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
166549b15319fdc7b73e0392fe7c03ec7cd885f9ef3a9a0873f4ef73716aa75f

Request headers

Origin
https://www.howdidido.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.howdidido.com
URL: https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Aug 2020 20:46:40 GMT
server
Golfe2
age
2826
date
Mon, 14 Sep 2020 09:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18323
expires
Mon, 14 Sep 2020 11:15:40 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: www.howdidido.com
URL: https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 14 Sep 2020 10:02:46 GMT
content-encoding
gzip
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1697
x-cache
HIT
status
200
content-length
22495
x-ms-lease-status
unlocked
last-modified
Tue, 04 Feb 2020 19:23:51 GMT
server
ECAcc (frc/8FA5)
etag
0x8D7A9A7C460F06C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
607c574c-301e-00d2-087a-8a5abc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Mon, 14 Sep 2020 10:32:46 GMT
integrator.js
adservice.google.de/adsid/
109 B
168 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.howdidido.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090901.js?21067417
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Sep 2020 10:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
168 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.howdidido.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090901.js?21067417
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Sep 2020 10:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
30 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=9085014165219&correlator=2707888822156827&output=ldjh&impl=fifs&eid=21066031%2C21067417%2C21066904%2C21066994%2C21067194%2C21067027&vrg=2020090901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=4798724%2CHDIDSkin%2CHDIDLeaderboardTop&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1x1%2C970x250%7C900x100&cust_params=PageName%3D%26HDIDGender%3DNA%26HDIDAge%3DNA&cookie_enabled=1&bc=31&abxe=1&lmt=1600077766&dt=1600077766921&dlt=1600077766105&idt=552&frm=20&biw=1600&bih=1200&oid=3&adxs=0%2C300&adys=50%2C87&adks=1521138998%2C404766711&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.howdidido.com%2FRedirect%2FBy%2F992e98d7-0977-48c8-bff4-e99895f6e63d&dssz=19&icsg=16556735&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1322%7C1000x260&msz=1x-1%7C1000x250&ga_vid=469789456.1600077767&ga_sid=1600077767&ga_hid=1448326536&fws=0%2C0&ohw=0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090901.js?21067417
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f130.1e100.net
Software
cafe /
Resource Hash
0015f7600d56064df4e39488142f397b8888a1b9ac6ac407d44be477a5045fea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 10:02:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11870
x-xss-protection
0
google-lineitem-id
-2,5265451676
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,138300181492
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.howdidido.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
99bcc73e407e3417829cc999a9d05239.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://99bcc73e407e3417829cc999a9d05239.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090901.js?21067417
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090901.js?21067417
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

collect
www.google-analytics.com/j/
2 B
398 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1448326536&t=pageview&_s=1&dl=https%3A%2F%2Fwww.howdidido.com%2FRedirect%2FBy%2F992e98d7-0977-48c8-bff4-e99895f6e63d&ul=en-us&de=UTF-8&dt=Registration%20Complete%20-%20HowDidiDo.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=701762729&gjid=588412816&cid=469789456.1600077767&tid=UA-76417436-1&_gid=1130382569.1600077767&_r=1&z=777388997
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Sep 2020 10:02:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://www.howdidido.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
88 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-76417436-1&cid=469789456.1600077767&jid=701762729&gjid=588412816&_gid=1130382569.1600077767&_u=IAhAAEAAAAAAAC~&z=637995865
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 14 Sep 2020 10:02:46 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.howdidido.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2980
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssisTWMVFcicMNYNRfbPIm-SjZvvM2R3b0iZ1xXuG0FARQ1h3qkDRvGPk6zF3hxiSm2_vEZncKNe0MJ0Jy5a31MWGmpjZqu3fscd1uBX5YKoyoFE_nqE04IX90IKvi_hkqm25xSx7U9K0ADnpDZL6tiN94vfp_7YtEaxXT_AtTAfwuoNcHGlOfh3K6quuU0WupolOWQqxBlB-CvcngWuz1rEBQKxKLfZ0rHW1qHEGtmRgvtMK9Yr209SEr1OyeDpXnaJ6rhE_rbL4i8pVs&sai=AMfl-YSXenHpKWAWWDCnEoPJ_LB5VzCw13ChOxYhbnklIwE7gI4Xn_WpWtqfquvuCvuoW-wuFJwoSC41HfOXbsgh42xOAYOPf2Wzc3gnFL_1LonrVqfaRULVmNUx1pLcZXs&sig=Cg0ArKJSzNPpb9yxrtXXEAE&adurl=
Requested by
Host: www.howdidido.com
URL: https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Sep 2020 10:02:47 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 14 Sep 2020 10:02:47 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20200909/r20110914/ Frame 2980
17 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20200909/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090901.js?21067417
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b09061c2c28c81ae357e1857ff73170fe3095a8eeadbf95c5c7ed969148ebcc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Sep 2020 23:40:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7238
x-xss-protection
0
server
cafe
etag
1574050880509598988
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Sep 2020 23:40:53 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20200909/r20110914/client/ Frame 2980
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20200909/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090901.js?21067417
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 06:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1330
x-xss-protection
0
server
cafe
etag
15429208973290199181
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Sep 2020 06:40:28 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 2980
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090901.js?21067417
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a55cb35db6842298c40fdef3e7e6e84a243de080837cb0ec1fba94dea19513
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 10:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1599824047903655"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28764
x-xss-protection
0
expires
Mon, 14 Sep 2020 10:02:47 GMT
l
www.google.com/ads/measurement/ Frame 2980
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmG6pHdRR1MkYxaUEVf4rYQqwQPs9tqOZ0lfVJPjHKSgxdL-CDHSBGctfEaUdqU7XRXbFf
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090901.js?21067417
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

15100966514245751473
tpc.googlesyndication.com/simgad/ Frame 2980
65 KB
65 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15100966514245751473
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090901.js?21067417
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbc61d4ff42bfa434d3b895c9e74ae6d3d49956becd876d0795914a2da14c7be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 10:02:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 29 Oct 2019 13:37:36 GMT
server
sffe
status
200
x-dns-prefetch-control
off
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66269
x-xss-protection
0
expires
Tue, 14 Sep 2021 10:02:47 GMT
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090901.js?21067417
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
568c4d6160efabb5b61ed1d2add90083e6bef67fc9964a27310c8a135b1e077d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 10:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1599824047903655"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27476
x-xss-protection
0
expires
Mon, 14 Sep 2020 10:02:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020090901&st=env
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
762614952e108ba9c4d6ecfd0b503cd4d9de02e6e5e04db2f0f55db8ce7ccfa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Sep 2020 10:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6344
x-xss-protection
0
track
dc.services.visualstudio.com/v2/ Frame
0
0
Other
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://www.howdidido.com
Sec-Fetch-Mode
cors

Response headers

status
200
access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Mon, 14 Sep 2020 10:02:46 GMT
content-length
0
track
dc.services.visualstudio.com/v2/
281 B
402 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
179ce8c6694126866a6d44c9b20d0b1560f77e8dc334df3fa7f732ad0d81b7ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
29E996E5-E0AE-47E7-AD37-9B418DF3636F
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
status
439
date
Mon, 14 Sep 2020 10:02:46 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
281
sodar2.js
tpc.googlesyndication.com/sodar/
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090901.js?21067417
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 10:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Mon, 14 Sep 2020 10:02:47 GMT
truncated
/ Frame 2980
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81533cf2fa1b7feb949eff80e553d85bee5ee8367896317bad84d0a56940d284

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 455B
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Mon, 14 Sep 2020 09:20:00 GMT
expires
Tue, 14 Sep 2021 09:20:00 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2567
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 2980
0
21 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsur3eNIQk3yjrZ8wi4gAzOT_B_WjfnbPirSn_2MzRsgjk0KFqh7scevD1gu3g-LD12K5zVuntezLjUSk-12_Q8gkpsJRj_eQJVbV-b2gjyHuv1rSnQeO-ts7az4dQKELeBKbBs8VS5CyM4ZJR1NZCXX8Ie1kKJ-yxNgt60iuz4GbufL4IEqgr2lUUi3kRHVqCiAjw-45iI1xEA_Cmoxeln-AWhuPurtc64Pt-jOzbIfiK82GfYkdV9_Ri57exbqwuI9ieUOYgmV6znj4-OC6w&sai=AMfl-YTlM9y97-poRUpsPmCdv0hv3wuanvi6UhRBt3OVqpHddDaLHeUYIPh1C3LKhwwFnrDQwIU37kS-JKvrRXvxVj3Bg6focOnud_lQRoFu8GWadOGUNd9FcOnD5Y3keR0&sig=Cg0ArKJSzHUZz6NwIMBwEAE&adurl=
Requested by
Host: www.howdidido.com
URL: https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Sep 2020 10:02:47 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020090901&jk=9085014165219&bg=!S0ilSFBYOu1PCD_rqh0CAAAAWVIAAAAVCgEMD95zZy_ehQ5ShLLkIfl8RdAUoL1Yk_YiJyJ9JMxKKR7OoJF31Poem28WI90K2S0NnmkvdSickeWOLy0pq4GYdxsMq68fUyrepwJVdaimto5YjrIWghxopRrG2Z_rO5mPDK2A2Nt5_uez74BL73FM7saAx9EYekTdAwiK01KwqWJHzfI0PWhkYzpA_kct1BA076EgyClpO5dQs_pQOQZ73oGZHpvBJ-IQbTcEDJdOtnTkn4gZxmOjOCxCGm3G-e9_saCI2MOckAyGhBNaMML2GunSSxqPL_bO6rj-ncXLmIt3QG4PiV4E2AayMJUdlYULGN7h-6WgLnBPGM-MZ_ELibvPeUi7dzsj4pJQKJkBqmXkIm1OblCfkxbu2Vz6WG3ikrJsMLUwrtWQDvpxUONsLmHjWsOHM-L2MMurAMOIAkirppt2SL40pxqCKejS0PfmCZV0brVjgv15JwjLTISOm7BTzRa9eDXVDV7KdlLHc7aFnEgutWA7UdpPqsbmcaaz4Q6jELs8p6j8x_3WFUm8bKaHUC3mJH01AKHhuweTPYeT-kTr7ekxisqUAzMybrpnsx8LuuP4Co_tjWAxUkcWMLGHG2RmS-JjjOlKpsv1y3zqkYIm0BM73E5ZfcXYIM6pafUEwpxPekrWZoC-Rm_81Nx-kuuDgYY5Srs4hP5C1FwQSvVEmxWweTgIucvcLVP1aYqib2z7PVazoEdlUQ7lTeERpRQXEQS2lVgd6A9imoQMKCqwdCTxQ-n-3OcWwzAx-ny9w1lRveZ4BuGL1C4loJoGhAdZMTI6jQCBEgHZAMrBm2Wz__8i6sddNbTWFIVzVcAy7qCqwQE2dEqVzK9XLYJsycty6qG7C002mI6Wobfg7MCWFjl9EY6ehFJcVSTvRezA7_mHV-xX07T9ntTDeMUUO0WR1vrQSw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Sep 2020 10:02:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2980
42 B
93 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-dNJYRfMicGL9aEKKvBV4mg80zx0Q9lwlJhSd9Tb9MQgLMc4ae9v5YDdSoAj9u2FAARaQ2oH4XjBcyZ4OIGM78Och4ZqeBFU99xu-z3U&sig=Cg0ArKJSzF30rKGsqh1rEAE&adk=404766711&tt=-1&bs=1600%2C1200&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&p=94,315,344,1285&rxlist=1&mcvt=1010&rs=3&ht=0&tfs=199&tls=1209&mc=1&lte=-1&bas=0&bac=0&met=mue&la=1&avms=nio&niot_obs=94&niot_cbk=100&md=2&btr=0&cpmav=0&lm=2&rst=1600077767064&dlt&rpt=63&isd=0&msd=0&xdi=0&ps=1600%2C1331&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-6-11-11-0-0-0&tvt=1204&is=970%2C250&iframe_loc=https%3A%2F%2Fwww.howdidido.com%2FRedirect%2FBy%2F992e98d7-0977-48c8-bff4-e99895f6e63d&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=970x250&itpl=3&v=20200911
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Sep 2020 10:02:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ Frame
0
0
Other
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://www.howdidido.com
Sec-Fetch-Mode
cors

Response headers

status
200
access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Mon, 14 Sep 2020 10:03:01 GMT
content-length
0
track
dc.services.visualstudio.com/v2/
157 B
229 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cb9bdf8a1473f26a12840476e5fbb684b6dc3b46ac86050505f1b15e88faccdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.howdidido.com/Redirect/By/992e98d7-0977-48c8-bff4-e99895f6e63d
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
8BAD45CC-DC7C-45D3-A15E-E983C90D65CE
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
status
439
date
Mon, 14 Sep 2020 10:03:01 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
157

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| html5 object| Modernizr function| $ function| jQuery object| googletag object| ggeac object| googleToken object| googleIMState object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| jQuery110204701081730054706 object| respond object| commonJsStrict function| Croppie function| EXIF function| moment object| __lxG__consent__ function| setFilterKeys function| friendlyDates function| loadYouTubeVids function| labnolThumb function| labnolIframe function| logWithGoogleAnalytics function| removeMinAdHeight function| debounce function| CsLogger function| filterData object| csUtilities object| csAdverts object| bootler object| mootler object| formby object| csTwitter function| Waypoint boolean| isMobile function| checkCookieConsent function| bindNavLinks function| bindLogout function| bindSocialMediaLinks boolean| advertDebugMode string| GoogleAnalyticsObject function| ga object| appInsights function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| google_tag_data object| gaplugins object| gaData object| AI object| Microsoft function| __extends function| _endsWith object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Domain/Path Name / Value
www.howdidido.com/ Name: ai_user
Value: /YQ4T|2020-09-14T10:02:46.951Z
.howdidido.com/ Name: _gat
Value: 1
.howdidido.com/ Name: _gid
Value: GA1.2.1130382569.1600077767
.howdidido.com/ Name: _ga
Value: GA1.2.469789456.1600077767

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

99bcc73e407e3417829cc999a9d05239.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
az416426.vo.msecnd.net
dc.services.visualstudio.com
pagead2.googlesyndication.com
s.clickiocdn.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.howdidido.com
172.217.23.130
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:800::2002
2a00:1450:4001:818::2001
2a00:1450:4001:81a::2001
2a00:1450:4001:81f::2004
2a00:1450:4001:820::2002
2a00:1450:4001:821::200e
2a00:1450:400c:c00::9a
40.113.90.202
40.114.241.141
95.211.66.34
0015f7600d56064df4e39488142f397b8888a1b9ac6ac407d44be477a5045fea
03a8445ca3eb037eb2bfeced4190d3dc8da6efed86635e4239dda4cdc0aa98c1
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
166549b15319fdc7b73e0392fe7c03ec7cd885f9ef3a9a0873f4ef73716aa75f
179ce8c6694126866a6d44c9b20d0b1560f77e8dc334df3fa7f732ad0d81b7ec
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
1fe8ab27fa0c7d9dd71e7a2b467e981b7678bdcfe0dc05779ce8dab63dce0080
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
52a8b689a73c228618294e3e544fac3e62507eabf2fe490dc77a00c16e34c452
568c4d6160efabb5b61ed1d2add90083e6bef67fc9964a27310c8a135b1e077d
6195e54362e3d002bad1e20f2be16ae00f15cdc84bb93cba1c70ab95125df75d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
762614952e108ba9c4d6ecfd0b503cd4d9de02e6e5e04db2f0f55db8ce7ccfa1
7ea995caf4f0653a2f5bb6db20bc5b7f51b6cb0b16c9e7e9a9dbb1f0db78d7cf
81533cf2fa1b7feb949eff80e553d85bee5ee8367896317bad84d0a56940d284
83eb9d93ccf4f53341dc94c9633d75ddae047c6b20d6d3b6bc4952527de12168
87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655
8bbd9d1e432d4fe6174d6d1ca29eea04e1372c107b0a13dd23c2890b55787c30
8e36a92b48ce8c4a823f7703ae2b1d91a96baf49a3c5c20fa0441df4c20bb3ec
92a55cb35db6842298c40fdef3e7e6e84a243de080837cb0ec1fba94dea19513
b09061c2c28c81ae357e1857ff73170fe3095a8eeadbf95c5c7ed969148ebcc4
b566de4f803af099e19f9e9700c3806b35042fce55c31c0fe66597c5a07344af
cb9bdf8a1473f26a12840476e5fbb684b6dc3b46ac86050505f1b15e88faccdb
cf3063718ce2c1e417a8a3e44c4f80a7cb0d418bac795ff12c686231533cd1d7
dbc61d4ff42bfa434d3b895c9e74ae6d3d49956becd876d0795914a2da14c7be
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e37e2781cbd3b06ffe25def4986135d700a5c3ab7dad85a3d57aa5dce9819ef6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecba713de2eba66f0cb070f78cd4317668aff9ff566f5618c4be663a83f3f508
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0416df0d3ee9f9293ece2af373be9b42c426fdac3b49cd4d82a74c999af896e