googleads.g.doubleclick.net Open in urlscan Pro
2a00:1450:4001:809::2002  Public Scan

URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404...
Submission: On January 05 via manual from EG

Summary

This website contacted 7 IPs in 1 countries across 6 domains to perform 16 HTTP transactions. The main IP is 2a00:1450:4001:809::2002, located in Frankfurt am Main, Germany and belongs to GOOGLE - Google LLC, US. The main domain is googleads.g.doubleclick.net.
TLS certificate: Issued by GTS CA 1O1 on December 3rd 2019. Valid for: 3 months.
This is the only time googleads.g.doubleclick.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
16 7
Domain Requested by
6 tpc.googlesyndication.com googleads.g.doubleclick.net
3 googleads.g.doubleclick.net googleads.g.doubleclick.net
2 fonts.gstatic.com googleads.g.doubleclick.net
2 pagead2.googlesyndication.com googleads.g.doubleclick.net
1 www.google.com 1 redirects
1 www.googletagservices.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 www.gstatic.com googleads.g.doubleclick.net
16 8

This site contains links to these domains. Also see Links.

Domain
www.googleadservices.com
adssettings.google.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.google.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh

This page contains 4 frames:

Primary Page: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
Frame ID: C3022200CFC5BCC87AC0498D29B38F31
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 01C34F2253DFBA1A348A0DFEFFC2AAF0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push.html
Frame ID: A8C990E08558261282D99838E63D0D15
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/R5ZafKr0PlZ7OmGMCk95d__fihE5gBkhkjuiGGCKDDU.js
Frame ID: F1218660AD4B0E7DB2954CD71FDC2F73
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

16
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

8
Subdomains

7
IPs

1
Countries

115 kB
Transfer

268 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ads
googleads.g.doubleclick.net/pagead/
72 KB
25 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
fef05d0c3c050c13faee86a6517971bca5891c20deee1b364ce4274beb6dce6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 05 Jan 2020 15:01:41 GMT
server
cafe
content-length
24933
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 05-Jan-2020 15:16:41 GMT; path=/; domain=.doubleclick.net; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Sun, 05 Jan 2020 15:01:41 GMT
cache-control
private
06de1a0cf0ca9f94fb1abcb3106435ef.js
www.gstatic.com/mysidia/
7 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/06de1a0cf0ca9f94fb1abcb3106435ef.js?tag=text/kiss_one_click_handled_v2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0288785b9999fcc072ac611272627c0f1de91787d69d4f91c516461553fc2a2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 09:33:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Jan 2020 08:51:06 GMT
server
sffe
age
278917
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7776000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3029
x-xss-protection
0
expires
Wed, 01 Apr 2020 09:33:04 GMT
css
fonts.googleapis.com/
4 KB
677 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 05 Jan 2020 15:01:41 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 05 Jan 2020 15:01:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sun, 05 Jan 2020 15:01:41 GMT
error_handler.js
tpc.googlesyndication.com/pagead/js/r20191205/r20110914/client/
8 KB
4 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20191205/r20110914/client/error_handler.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
430742dc86adaf021f658da38ac9d5cffe5c0cb5da2e17459567604a812cc95d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 17:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251666
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3874
x-xss-protection
0
server
cafe
etag
16000249251421057738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jan 2020 17:07:15 GMT
load_preloaded_resource.js
tpc.googlesyndication.com/pagead/js/r20191205/r20110914/client/
641 B
512 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20191205/r20110914/client/load_preloaded_resource.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
92941f7eab5f4f56b5908ec7094af12394abd40868c75e46952b175b40c81cd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 17:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
430
x-xss-protection
0
server
cafe
etag
348086884962726765
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jan 2020 17:07:27 GMT
one_click_handler_one_afma.js
tpc.googlesyndication.com/pagead/js/r20191205/r20110914/client/
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20191205/r20110914/client/one_click_handler_one_afma.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
b7b95a9e8cce21dcf4efaec1107252689da02840a614b57595eed184f99fffab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 19:09:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244358
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7951
x-xss-protection
0
server
cafe
etag
10574555057412168100
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jan 2020 19:09:03 GMT
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20191205/r20110914/
30 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20191205/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
1272e5f7549394dcf2d56e834973b5c5e53e6bfcdc5c6b51a74007bb03928583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 17:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11636
x-xss-protection
0
server
cafe
etag
5614959280024973079
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jan 2020 17:07:27 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20191205/r20110914/client/
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20191205/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0b1ace9b39cfa2f3de9ebd25c2b2e2b44816502e53809093d2c53dc2898f4d83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 17:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251650
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1126
x-xss-protection
0
server
cafe
etag
5070557177101173266
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jan 2020 17:07:31 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/
77 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 05 Jan 2020 15:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29272
x-xss-protection
0
expires
Sun, 05 Jan 2020 15:01:41 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20191205/r20110914/client/
12 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20191205/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
2848e6b00a24635ba24a6b6fb6287b5aec944dc3f6461aabdad17725210c559c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 17:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5227
x-xss-protection
0
server
cafe
etag
7767425884066297358
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jan 2020 17:07:27 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 01C3
143 B
229 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
sec-fetch-mode
nested-navigate
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949

Response headers

status
200
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 05 Jan 2020 14:08:46 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3175
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
cookie_push.html
pagead2.googlesyndication.com/pagead/s/ Frame A8C9
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949

Response headers

status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
vary
Accept-Encoding
date
Sat, 04 Jan 2020 19:16:19 GMT
expires
Sun, 05 Jan 2020 19:16:19 GMT
content-type
text/html; charset=UTF-8
etag
15714087069842583550
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
652
x-xss-protection
0
cache-control
public, max-age=86400
age
71122
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
si
googleads.g.doubleclick.net/pagead/drt/ Frame 01C3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
154 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 05 Jan 2020 15:01:41 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 05-Jan-2020 16:01:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Sun, 05 Jan 2020 15:01:41 GMT
cache-control
private

Redirect headers

status
302
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 05 Jan 2020 15:01:41 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://googleads.g.doubleclick.net

Response headers

date
Thu, 21 Nov 2019 23:44:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
3856622
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Fri, 20 Nov 2020 23:44:39 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://googleads.g.doubleclick.net

Response headers

date
Wed, 20 Nov 2019 05:05:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
4010157
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Thu, 19 Nov 2020 05:05:44 GMT
truncated
/
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64f5b3fc5410f3c801979f1b2fa4075970c71b450c940b47f25e24620bcedf5e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
R5ZafKr0PlZ7OmGMCk95d__fihE5gBkhkjuiGGCKDDU.js
pagead2.googlesyndication.com/bg/ Frame F121
12 KB
5 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/R5ZafKr0PlZ7OmGMCk95d__fihE5gBkhkjuiGGCKDDU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
47965a7caaf43e567b3a618c0a4f7977ffdf8a1139801921923ba218608a0c35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578119551064433&output=html&h=250&slotname=MSN_EG_Masthead&adk=3568404875&adf=2816298166&w=970&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.msn.com%2Far-eg%2F%3Focid%3Diehp&ea=0&flash=32.0.0&wgl=1&adsid=ChEIgK_G8AUQmtfwsYTcqP2_ARIvAMgjPwFSB42NR--mm-2cLHxRLhh0H8zoss5GpQychHhdX0xZHl2y-iBZlB4yYt0&dt=1578232202159&bpp=79&bdt=-M&fdt=9822&idt=9825&shv=r20191205&cbv=r20190131&saldr=sa&correlator=8423821880557&frm=23&ife=5&pv=1&ga_vid=733220825.1578232212&ga_sid=1578232212&ga_hid=974939101&ga_fc=0&icsg=10853&nhd=1&dssz=12&mdo=0&mso=32&u_tz=120&u_his=1&u_java=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&adx=467&ady=160&biw=1903&bih=962&isw=970&ish=250&ifk=2639937215&scr_x=0&scr_y=0&eid=21065126%2C182982000%2C182982200&oid=3&pvsid=2895085661374976&pem=418&rx=0&eae=2&fc=640&docm=11&brdim=467%2C246%2C0%2C86%2C1920%2C%2C1920%2C962%2C970%2C250&vis=1&rsz=o%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=1&jar=2019-12-18-13&ifi=1&uci=1.nto3bh7go0a0&dtd=9949
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 03:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 02 Dec 2019 08:45:00 GMT
server
sffe
age
1422737
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5349
x-xss-protection
0
expires
Sat, 19 Dec 2020 03:49:25 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| jerExpIds string| jerUserAgent object| google_js_reporting_queue number| google_srt object| google_casm object| mys function| bgz function| mb function| init_ssb function| accbk function| cla function| cll function| clb function| clh function| ss function| st function| ha function| hb function| ia function| ja function| ga function| bga function| bgy object| GoogleUzGyiZ function| buildAttribution object| google_logging_queue undefined| goog_delegate_deferred_token function| initWindowFocus function| google_wf_async function| wfocusinit object| window_focus_for_click function| osdlfm function| osdlac function| osdlamrc function| osdsir object| googqscp function| wrpfc

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnkEZ0P6kzj2Y6WkpnYnRSH0sZMbw3ojRcCvu65Y9g2imubPOU9p_Mhw4oB
.doubleclick.net/ Name: DSID
Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
2a00:1450:4001:806::2001
2a00:1450:4001:809::2002
2a00:1450:4001:815::2003
2a00:1450:4001:818::2003
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::2004
2a00:1450:4001:824::200a
0288785b9999fcc072ac611272627c0f1de91787d69d4f91c516461553fc2a2a
0b1ace9b39cfa2f3de9ebd25c2b2e2b44816502e53809093d2c53dc2898f4d83
1272e5f7549394dcf2d56e834973b5c5e53e6bfcdc5c6b51a74007bb03928583
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2848e6b00a24635ba24a6b6fb6287b5aec944dc3f6461aabdad17725210c559c
430742dc86adaf021f658da38ac9d5cffe5c0cb5da2e17459567604a812cc95d
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
47965a7caaf43e567b3a618c0a4f7977ffdf8a1139801921923ba218608a0c35
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
64f5b3fc5410f3c801979f1b2fa4075970c71b450c940b47f25e24620bcedf5e
92941f7eab5f4f56b5908ec7094af12394abd40868c75e46952b175b40c81cd4
b7b95a9e8cce21dcf4efaec1107252689da02840a614b57595eed184f99fffab
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd
fef05d0c3c050c13faee86a6517971bca5891c20deee1b364ce4274beb6dce6e