www.sharepointpals.com Open in urlscan Pro
45.79.156.148 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sharepointpals.com.admin-mcas-df.ms/
Effective URL:
https://www.sharepointpals.com/
Submission: On November 23 via api (November 23rd 2022, 9:13:01 am UTC) from US — Scanned from US

Summary HTTP 154 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 27 IPs in 1 countries across 25 domains to perform 154 HTTP transactions. The main IP is 45.79.156.148, located in Cedar Knolls, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is www.sharepointpals.com.
TLS certificate: Issued by R3 on October 11th 2022. Valid for: 3 months.

This is the only time www.sharepointpals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.224.188.157 52.224.188.157	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2600:141b:13:... 2600:141b:13::17d7:827a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 12	45.79.156.148 45.79.156.148	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2008	15169 (GOOGLE) (GOOGLE)
21	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
1	108.138.120.97 108.138.120.97	16509 (AMAZON-02) (AMAZON-02)
14	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
17	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
8	23.52.167.93 23.52.167.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.120.210.160 104.120.210.160	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	23.41.168.23 23.41.168.23	16625 (AKAMAI-AS) (AKAMAI-AS)
2 33	2607:f8b0:400... 2607:f8b0:4006:807::2001	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1 1	209.140.135.138 209.140.135.138	11643 (EBAY) (EBAY)
1	23.208.217.12 23.208.217.12	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
1 8	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
2 4	2607:f8b0:400... 2607:f8b0:4006:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:80a::2003	() ()
1	2607:f8b0:400... 2607:f8b0:4002:20::8	() ()
1	2620:116:800b... 2620:116:800b:21:1456:d0e1:7db4:a56b	() ()
1 1	2600:9000:220... 2600:9000:2209:de00:19:fc2c:a140:93a1	() ()
2 2	35.186.253.211 35.186.253.211	() ()
2 2	104.36.115.113 104.36.115.113	() ()
1 1	69.173.151.100 69.173.151.100	() ()
2 2	104.18.33.19 104.18.33.19	() ()
1 1	3.227.76.221 3.227.76.221	() ()
154	27

1 52.224.188.157 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sharepointpals.com.admin-mcas-df.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:13::17d7:827a (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 45.79.156.148 (Cedar Knolls, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: initpals.com

sharepointpals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sharepointpals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2008 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4006:80d::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80b::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.120.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-120-97.jfk50.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:81d::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:816::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.52.167.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-167-93.deploy.static.akamaitechnologies.com

hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.120.210.160 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-120-210-160.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.41.168.23 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2607:f8b0:4006:807::2001 (Hudson Falls, United States) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81e::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.140.135.138 (United States) 1 redirects

ASN11643 (EBAY, US)
PTR: andes-public-slcaz01-1-1.ebay.com

www.ebayadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.208.217.12 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-217-12.deploy.static.akamaitechnologies.com

secureir.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80d::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.40.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80b::2004 (Hudson Falls, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:80a::2003 (None, )

ASN- ()

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4002:20::8 (None, )

ASN- ()

rr2---sn-5uaezn6d.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:1456:d0e1:7db4:a56b (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:de00:19:fc2c:a140:93a1 (None, ) 1 redirects

ASN- ()

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (None, ) 2 redirects

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.113 (None, ) 2 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (None, ) 1 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN- ()

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.227.76.221 (None, ) 1 redirects

ASN- ()

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	799 KB
27	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com csi.gstatic.com	539 KB
25	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 203	198 KB
12	sharepointpals.com 1 redirects sharepointpals.com www.sharepointpals.com	366 KB
11	media.net hblg.media.net — Cisco Umbrella Rank: 1675 contextual.media.net — Cisco Umbrella Rank: 535 warp.media.net — Cisco Umbrella Rank: 2279 lg3.media.net — Cisco Umbrella Rank: 4170 cs.media.net — Cisco Umbrella Rank: 1349	223 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2 mts0.google.com	24 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	284 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	5 KB
3	azureedge.net mcasproxy.azureedge.net — Cisco Umbrella Rank: 41644	44 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	625 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
1	adingo.jp 1 redirects cc.adingo.jp	462 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	516 B
1	agkn.com 1 redirects d.agkn.com	745 B
1	quantserve.com cms.quantserve.com	463 B
1	googlevideo.com rr2---sn-5uaezn6d.googlevideo.com	568 KB
1	ebaystatic.com secureir.ebaystatic.com — Cisco Umbrella Rank: 5684	526 B
1	ebayadservices.com 1 redirects www.ebayadservices.com — Cisco Umbrella Rank: 6466	669 B
1	akamaihd.net qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1634
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	336 B
1	mailchimp.com cdn-images.mailchimp.com — Cisco Umbrella Rank: 5072	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	43 KB
1	admin-mcas-df.ms sharepointpals.com.admin-mcas-df.ms	1 KB
154	25

	Domain	Requested by
33	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
20	pagead2.googlesyndication.com	www.sharepointpals.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com sharepointpals.com.admin-mcas-df.ms www.googletagservices.com tpc.googlesyndication.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com sharepointpals.com.admin-mcas-df.ms googleads.g.doubleclick.net
11	www.sharepointpals.com	www.sharepointpals.com
10	www.gstatic.com	googleads.g.doubleclick.net
8	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
7	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	www.sharepointpals.com googleads.g.doubleclick.net
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	lg3.media.net	googleads.g.doubleclick.net contextual.media.net
3	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
3	contextual.media.net	googleads.g.doubleclick.net contextual.media.net
3	hblg.media.net	sharepointpals.com.admin-mcas-df.ms googleads.g.doubleclick.net www.sharepointpals.com
3	mcasproxy.azureedge.net	sharepointpals.com.admin-mcas-df.ms mcasproxy.azureedge.net
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	cc.adingo.jp	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	rr2---sn-5uaezn6d.googlevideo.com	googleads.g.doubleclick.net
1	csi.gstatic.com	www.gstatic.com
1	mts0.google.com	googleads.g.doubleclick.net
1	cs.media.net	contextual.media.net
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	secureir.ebaystatic.com	googleads.g.doubleclick.net
1	www.ebayadservices.com	1 redirects
1	warp.media.net	googleads.g.doubleclick.net
1	qsearch-a.akamaihd.net	sharepointpals.com.admin-mcas-df.ms
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn-images.mailchimp.com	www.sharepointpals.com
1	www.googletagmanager.com	www.sharepointpals.com
1	sharepointpals.com	1 redirects
1	sharepointpals.com.admin-mcas-df.ms
154	40

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.meetup.com
www.youtube.com
yukthi.academy
www.initpals.com
appsto.re
play.google.com

Subject Issuer	Validity	Valid
*.azureedge.net Microsoft Azure ECC TLS Issuing CA 01	`2022-07-27` - `2023-07-22`	a year	crt.sh
sharepointpals.com R3	`2022-10-11` - `2023-01-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
cdn-images.mailchimp.com Amazon	`2022-07-06` - `2023-08-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-11-08` - `2023-01-17`	2 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://www.sharepointpals.com/
Frame ID: F26283CDAC01FAD79069D4B22672814E
Requests: 28 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.24.29/html/session-context-restore.html
Frame ID: B6957CDF4E997E175D6A0FADC798465A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: A690A56028508119021B852F511E10E0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&adk=1812271804&adf=3025194257&lmt=1669194777&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.sharepointpals.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777153&bpp=5&bdt=449&idt=233&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6687343944643&frm=20&pv=2&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=267
Frame ID: 6E714BB4F40AFD9805B305F4130E9285
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=4206572239&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777158&bpp=7&bdt=455&idt=270&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fOvZmY9fyV&p=https%3A//www.sharepointpals.com&dtd=286
Frame ID: DFA51E87FB124CAE2681F325D63A95D3
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298
Frame ID: AE7582A6C342671D5FCD79124DEA307D
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=280&slotname=3042908656&adk=599874578&adf=36790111&pi=t.ma~as.3042908656&w=350&fwrn=4&fwrnh=100&lmt=1669194777&rafmt=1&format=350x280&url=https%3A%2F%2Fwww.sharepointpals.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777470&bpp=9&bdt=766&idt=9&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=3yRH3p1Ekf&p=https%3A//www.sharepointpals.com&dtd=17
Frame ID: D4445D30D76F2EB8944CB92010005DB4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CFOrSGeR9Y5z1K4bihAah_pLAD76VpK9s99rS06wMwI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNDk4ODMyNTY4MDU5MjE3N8gBCagDAaoEzgFP0B8jivnS4oaJO0DXXcZbuhXDbu2n1c7sx8P-okK8THM_Au8tAB3OzlR-D3Rs0yV2bSpqUBpJtZElP7cx6QhyMDzlgrXdmkiMbos3GOKTGg8cd_HouqBxQIOjsBPhFnzhx1l6g69zloxR_fb5hNtxltNYa7aEkQ2bOarDPkkj1lMxyl14MQkqFtdEflTiTKvi8fCLeMMtHGw0o-IKUXF4CXKJk7XsuXs6rZi4AUJQyaRETVyM_91k-qZybQVAiqnGvOElPfQtGfXhXtEm1YAGp6nbrY7ry9KlAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ5ODgzMjU2ODA1OTIxNzcYAA&sigh=PdFgRTwZkho&uach_m=[UACH]&cid=CAQSGwDq26N9Y4OiKR15afF9nIBI5p6w42-6MkKbWxgBIBM
Frame ID: 9E72C407E1D26B06437AEE82D68F62D3
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=250&adk=1469956278&adf=3442164965&pi=t.aa~a.3003529383~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1669194778&rafmt=1&to=qs&pwprc=4323707895&format=350x250&url=https%3A%2F%2Fwww.sharepointpals.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194778506&bpp=1&bdt=1803&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f2587299c8f99bb-22428fb16dd80005%3AT%3D1669194777%3ART%3D1669194777%3AS%3DALNI_MbEGNwUhvRAuQhktOEmcpYSt7HeSw&gpic=UID%3D000008b26afb6794%3AT%3D1669194777%3ART%3D1669194777%3AS%3DALNI_Mb2H_QC_5nNrmyowbbvvWqZUmedyw&prev_fmts=0x0%2C545x174%2C545x174%2C350x280&nras=2&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1401&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Ral3wAsZY0&p=https%3A//www.sharepointpals.com&dtd=9
Frame ID: E0E752CCD2A8A5278352E16E1AEA373E
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5BCE9B472437AE15CF7AD1608489BCB0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 88BC7FCAF03925CD21B2A432C73038A2
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU573VJ2&cpcd=I_-PZe-IDxOTuxw7I2UwbQ%3D%3D&crid=579672257&size=336x280&cc=US&chnm=smm_migration_test&pid=8PO5X3S12&tpid=T2MH1C5&https=1&vif=2&requrl=https%3A%2F%2Fwww.sharepointpals.com&nse=5&vi=1669194778196997377&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B44aBaz/xq&bcpf=B44aBaz8fOnRrolnfOur8%2Fxq&bdrId=313&bid=332217&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2Ca%2C16%2C7%2Cg%2Ch%2Cgo%2Ci2%2Chb%2Cy5%2Cmk%7Ccsh%3D1&katpre=1&katbid=-102&pgid=p11593570434t202211230912&newfl=1&htmlsrc=1&cadomain=tzR-hLcl-L9l1Y2kxt8vDUQfh45_MtTsiDPqRZDaXtI%3D&allsc=FL
Frame ID: 5618456AEFFE759EF1D020D18F3332A0
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 39C7F130090C593A58ECBCF3B2ED8376
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5EDADF52E800B1317C8C495A5D44B559
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: DF1749AC1115F66286F1D914EB1A8F75
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: F5FB6A1405DDB9A4C3F5E85D3BA78A49
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: 6B49CC5891946650455B8E1406D6CB11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 84A33B5981D7B1DC6855FB9908CEDA8A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: 2DDE6CBC58C0CE48B61F0D04EF8BEBF5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0807361D09BD0B5C42DEDF932614B242
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: B6B1DDD7B87F35B4BC9E32E947528DE6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: 5C5FC9BD1BB01E827D0F7CA267F57F84
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9ABA6702B350E203E599A80A5D0C43B1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A4D0D1D65367EAA9A8C3B9BD9F60B876
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SharePoint Pals - Community portal by SharePoint Developers for SharePoint Developers, Administrators and End Users

Page URL History Show full URLs

http://sharepointpals.com.admin-mcas-df.ms/ Page URL
https://sharepointpals.com/ HTTP 301
https://www.sharepointpals.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

cdn-images\.mailchimp\.com/[^>]*\.css

Page Statistics

154
Requests

93 %
HTTPS

58 %
IPv6

25
Domains

40
Subdomains

27
IPs

1
Countries

3116 kB
Transfer

6415 kB
Size

10
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/sharepointpals

Search URL Search Domain Scan URL

URL: https://twitter.com/sharepointpals

Search URL Search Domain Scan URL

URL: https://www.meetup.com/initpals/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/initpals/

Search URL Search Domain Scan URL

URL: https://yukthi.academy/
Title: Training

Search URL Search Domain Scan URL

URL: https://www.initpals.com/
Title: Init Pals

Search URL Search Domain Scan URL

URL: https://appsto.re/in/xTvueb.i

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.sharewithpals.sp

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sharepointpals.com.admin-mcas-df.ms/ Page URL
https://sharepointpals.com/ HTTP 301
https://www.sharepointpals.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=711-165096-991415-8&mkcid=4&mkevt=2&mpt=1324886891&gdpr=&gdpr_consent=&campaignid={campaignid}&gclid={gclid}&siteid=0&adtype=0&size=1x1&ipn=admain2&placement=562351 HTTP 301
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

Request Chain 63

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD34ryx8gEQgAkYgQkyCPiLZy55oMCP HTTP 301
https://tpc.googlesyndication.com/simgad/12673870504212230304

Request Chain 71

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC_1N-WPRCwCRisAjIIdWhwKkjoppk HTTP 301
https://tpc.googlesyndication.com/simgad/16721253502277045470

Request Chain 94

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzEyMTk2Mzc4MTUyMzcwODAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEClvvaIX_gf64VbuVxeAMS4&google_cver=1

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 132

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 142

https://d.agkn.com/pixel/2175/?google_gid=CAESEHhkOdtE0TtJRMCh4v9VdPI&google_cver=1&google_push=ASkJ3FaNyK7Qf_V-8ULFVx5KOxor-1-8FLQWYNAz9bIixKgt98RJMT7ySq477NaZB9Ofn5j1sPnhwllP9RiG9jupz_mg1I25-9Lt3JKfBjMdTad_qHGdsWWJEVjYPc4lW2CcowK-36IsYMUcKP2ojH7xFao HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FaNyK7Qf_V-8ULFVx5KOxor-1-8FLQWYNAz9bIixKgt98RJMT7ySq477NaZB9Ofn5j1sPnhwllP9RiG9jupz_mg1I25-9Lt3JKfBjMdTad_qHGdsWWJEVjYPc4lW2CcowK-36IsYMUcKP2ojH7xFao&google_hm=Q0FFU0VIaGtPZHRFMFR0SlJNQ2g0djlWZFBJ

Request Chain 143

https://rtb.openx.net/sync/dds?google_gid=CAESEE7VHO1nb_Ic87oxjgMq5eE&google_cver=1&google_push=ASkJ3FYX1_DaMISYFlYhqrM0w63SXTYD35W2CTYYdKd764A6G8tjdJKGTzztk48vFkojVQgXEElG7RKdTcAipp42E13t6ZftSU3_WFDXia_fkS4WkHkUs3d367TfcMAExvNFLXeW2VXOSYXHLJh5NUT8og HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEE7VHO1nb_Ic87oxjgMq5eE&google_cver=1&google_push=ASkJ3FYX1_DaMISYFlYhqrM0w63SXTYD35W2CTYYdKd764A6G8tjdJKGTzztk48vFkojVQgXEElG7RKdTcAipp42E13t6ZftSU3_WFDXia_fkS4WkHkUs3d367TfcMAExvNFLXeW2VXOSYXHLJh5NUT8og&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FYX1_DaMISYFlYhqrM0w63SXTYD35W2CTYYdKd764A6G8tjdJKGTzztk48vFkojVQgXEElG7RKdTcAipp42E13t6ZftSU3_WFDXia_fkS4WkHkUs3d367TfcMAExvNFLXeW2VXOSYXHLJh5NUT8og&google_hm=w5Tbgp9Cxw8neBX-TN4YPA==

Request Chain 144

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBT22ZlE_mzCoAL3xJTL1Ls&google_cver=1&google_push=ASkJ3FasBlHtrK49DcTUIlj-Y5ESHvgFynUxECRGiwkCHWhHzxRmdKLwV_XK92KYzH-pjBdTfLIk_UIivZn4OO--n8RMdp_IA_1GF_30XW5nxgTShRJZQmm2QNb28AFce2GikOs2PF_92zc42D7hDEEcsF4 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBT22ZlE_mzCoAL3xJTL1Ls&google_cver=1&google_push=ASkJ3FasBlHtrK49DcTUIlj-Y5ESHvgFynUxECRGiwkCHWhHzxRmdKLwV_XK92KYzH-pjBdTfLIk_UIivZn4OO--n8RMdp_IA_1GF_30XW5nxgTShRJZQmm2QNb28AFce2GikOs2PF_92zc42D7hDEEcsF4&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GM_tvUWuTImTpk-tZCb6LQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FasBlHtrK49DcTUIlj-Y5ESHvgFynUxECRGiwkCHWhHzxRmdKLwV_XK92KYzH-pjBdTfLIk_UIivZn4OO--n8RMdp_IA_1GF_30XW5nxgTShRJZQmm2QNb28AFce2GikOs2PF_92zc42D7hDEEcsF4

Request Chain 145

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEK-pN8adF3KaUMPFJPC8-Ys&google_cver=1&google_push=ASkJ3FYB5xCq5TUxqqZbJNWKN52cyItIeqIKZPOJe63vV5fPloAadu9n2UsQWjphOvpeJLKounx0WQMozvJDwIXKtmH2gJH9ahYo_NvZFMe2nsn09ZN5rN076LGoqsQq1NYYyvN2evQNlXZzJJ5-HAIL6JU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFURkgzTFEtMVctOVdPNA==&google_push=ASkJ3FYB5xCq5TUxqqZbJNWKN52cyItIeqIKZPOJe63vV5fPloAadu9n2UsQWjphOvpeJLKounx0WQMozvJDwIXKtmH2gJH9ahYo_NvZFMe2nsn09ZN5rN076LGoqsQq1NYYyvN2evQNlXZzJJ5-HAIL6JU

Request Chain 146

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECEty3ZrRw4TJNukLbPds0A&google_cver=1&google_push=ASkJ3Fa70JzReWYeRilVGD-xPp0I2jKdb3u09XIcEOTGm8QSWAeotk_Bm1qHNZFDekPqAs6rEbQTKsormYMOMVcZHu_4HuezMf3Rp4YJ4bOMCIOeVeCCYgtNqY6K8mvrbHsz-xw3K515Yna4766XEWIPyeU HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECEty3ZrRw4TJNukLbPds0A&google_push=ASkJ3Fa70JzReWYeRilVGD-xPp0I2jKdb3u09XIcEOTGm8QSWAeotk_Bm1qHNZFDekPqAs6rEbQTKsormYMOMVcZHu_4HuezMf3Rp4YJ4bOMCIOeVeCCYgtNqY6K8mvrbHsz-xw3K515Yna4766XEWIPyeU&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECEty3ZrRw4TJNukLbPds0A&google_hm=Y33kHBWtdceNL7fPC86rTAAAAjcAAAIB&google_nid=index&google_push=ASkJ3Fa70JzReWYeRilVGD-xPp0I2jKdb3u09XIcEOTGm8QSWAeotk_Bm1qHNZFDekPqAs6rEbQTKsormYMOMVcZHu_4HuezMf3Rp4YJ4bOMCIOeVeCCYgtNqY6K8mvrbHsz-xw3K515Yna4766XEWIPyeU

Request Chain 147

https://cc.adingo.jp/adx/push/?google_gid=CAESEERK36JiNcOjkzSRaSH9lNI&google_cver=1&google_push=ASkJ3FZJ-CHiDadd6h9LKOj6Uo2g6OP9DAPiIbWMw7dbEyILBzVOxY1jfjBsoq1JhU9yigvh9_GYyOxQP-RRmWEwtCizEIBHO6mN4GdIifHlZFzQcQtVDChbIUVTT2V-G5s078mWFGnHSkeFG2-L_A2BhGI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZJ-CHiDadd6h9LKOj6Uo2g6OP9DAPiIbWMw7dbEyILBzVOxY1jfjBsoq1JhU9yigvh9_GYyOxQP-RRmWEwtCizEIBHO6mN4GdIifHlZFzQcQtVDChbIUVTT2V-G5s078mWFGnHSkeFG2-L_A2BhGI&google_hm=ccc55e6ad00f5096b1ca1d7c2a862b47

154 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
sharepointpals.com.admin-mcas-df.ms/ 1 KB
1 KB 138ms
62ms Document
text/html 52.224.188.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://sharepointpals.com.admin-mcas-df.ms/

Protocol

HTTP/1.1

Server

52.224.188.157 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

d01c17a198c2ba8ac0597a1de0273554e3eb14a272540b6e273fca44795cf483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 23 Nov 2022 09:12:55 GMT
Expires: Mon, 01-Jan-1990 00:00:00 GMT
Pragma: no-cache
Server: openresty
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-MCAS-Cache-Status: MISS
X-MCAS-Processing-Time: 2
X-MCAS-Request-Id: 79f00f34ebb8554a54d6586f1512cb97
X-MCAS-Upstream-Time: n/a

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.24.29/js/ 5 KB
5 KB 208ms
68ms Script
application/javascript 2600:141b:13::17d7:827a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.24.29/js/session-context-store-helper.min.js
Requested by: Host: sharepointpals.com.admin-mcas-df.ms
URL: http://sharepointpals.com.admin-mcas-df.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:827a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5f7add0638c6207d7a84267735b9eed3fee3a68696e3ec755fafd5283db0b8f3

Request headers

accept-language: en-US,en;q=0.9
Referer: http://sharepointpals.com.admin-mcas-df.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 23 Nov 2022 09:12:55 GMT
last-modified: Mon, 21 Nov 2022 13:10:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: Dor7jY9XuhzpOAkbPbiHoQ==
etag: 0x8DACBC1BC681361
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ed657d2e-a01e-0044-6dbe-fe2c25000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31495867
x-ms-version: 2009-09-19
content-length: 4832

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/1.24.29/html/ Frame B695 209 B
661 B 68ms
67ms Document
text/html 2600:141b:13::17d7:827a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.24.29/html/session-context-restore.html
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.24.29/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:827a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451

Request headers

Referer: http://sharepointpals.com.admin-mcas-df.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31386383
content-length: 209
content-md5: xcQ/+x+i42xZPwR88wJc4A==
content-type: text/html
date: Wed, 23 Nov 2022 09:12:55 GMT
etag: 0x8DACBC1E87D8662
last-modified: Mon, 21 Nov 2022 13:11:31 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: f47a6bbf-801e-0002-6bbf-fd0538000000
x-ms-version: 2009-09-19

GET
H2 200 session-context-restore.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.24.29/js/ Frame B695 38 KB
38 KB 70ms
69ms Script
application/javascript 2600:141b:13::17d7:827a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.24.29/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.24.29/html/session-context-restore.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:827a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 32a4683d0b9bed95299c42225a62878cfb0a3672677b3414ffe0c944b0ed585d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mcasproxy.azureedge.net/proxyweb/1.24.29/html/session-context-restore.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 23 Nov 2022 09:12:56 GMT
last-modified: Mon, 21 Nov 2022 13:10:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: XAreP5js/x2mOMwXICadTg==
etag: 0x8DACBC1BC5CA361
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d14d8d76-e01e-0040-35bf-fd802d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31386423
x-ms-version: 2009-09-19
content-length: 38765

GET
H2

200

Primary Request / Show response
www.sharepointpals.com/
Redirect Chain

https://sharepointpals.com/?
https://www.sharepointpals.com/

32 KB
7 KB

245ms
138ms

Document
text/html

45.79.156.148
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sharepointpals.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.79.156.148 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

initpals.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

415f0c190123803bc48aa9259f8ff296af597b2e14ad627b924d528d7188906f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://sharepointpals.com.admin-mcas-df.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 23 Nov 2022 09:12:56 GMT
link: <https://www.sharepointpals.com/wp-json/>; rel="https://api.w.org/"
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

content-type: text/html; charset=UTF-8
date: Wed, 23 Nov 2022 09:12:56 GMT
location: https://www.sharepointpals.com/
server: nginx/1.14.0 (Ubuntu)
x-frame-options: SAMEORIGIN
x-redirect-by: WordPress

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 242ms
94ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-36226530-1

Requested by

Host: www.sharepointpals.com
URL: https://www.sharepointpals.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1ee2633d20a81535a52653aba1ee9af7bcf53d1cd15baca5178d2cc4d283415

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43722
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Nov 2022 09:12:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
49 KB 280ms
134ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.sharepointpals.com
URL: https://www.sharepointpals.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc2786017109c98a0de559f9d9035ef97ae57003fd4cb52542751d0cb19c676c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49337
x-xss-protection: 0
server: cafe
etag: 7637525385326712790
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 09:12:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 230ms
82ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.sharepointpals.com
URL: https://www.sharepointpals.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Nov 2022 09:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 08:59:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Nov 2022 09:12:56 GMT

GET
H2 200 wpo-minify-header-dade5475.min.css
www.sharepointpals.com/wp-content/cache/wpo-minify/1630830052/assets/ 554 KB
99 KB 71ms
70ms Stylesheet
text/css 45.79.156.148
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharepointpals.com/wp-content/cache/wpo-minify/1630830052/assets/wpo-minify-header-dade5475.min.css
Requested by: Host: www.sharepointpals.com
URL: https://www.sharepointpals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.156.148 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: initpals.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ee2981b2c3ddb13e5bdbb45cdaf4cb75c74d49a6776fc9a454c61f3cd783c512

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:56 GMT
content-encoding: gzip
last-modified: Sun, 05 Sep 2021 08:22:03 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"61347e2b-8a910"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 wpo-minify-header-392f3674.min.js Show response
www.sharepointpals.com/wp-content/cache/wpo-minify/1630830052/assets/ 456 KB
142 KB 204ms
203ms Script
application/javascript 45.79.156.148
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharepointpals.com/wp-content/cache/wpo-minify/1630830052/assets/wpo-minify-header-392f3674.min.js
Requested by: Host: www.sharepointpals.com
URL: https://www.sharepointpals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.156.148 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: initpals.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5abf0484e92f845d81fb600b97654063edd91e03950a897f54bdb4fcc5a56f9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:56 GMT
content-encoding: gzip
last-modified: Sun, 05 Sep 2021 08:22:04 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"61347e2c-71e9d"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 logo.png
www.sharepointpals.com/wp-content/themes/spals-bs4-v4/img/ 11 KB
12 KB 76ms
73ms Image
image/png 45.79.156.148
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sharepointpals.com/wp-content/themes/spals-bs4-v4/img/logo.png
Requested by: Host: www.sharepointpals.com
URL: https://www.sharepointpals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.156.148 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: initpals.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ff44e3839527f3a9ceb6bbcdd296bcabd7fe0387ea4e2ed291faff180b608b9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:57 GMT
last-modified: Mon, 12 Jul 2021 18:19:28 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "60ec87b0-2df9"
content-length: 11769
content-type: image/png

GET
H2 200 ahmed-150x150.png
www.sharepointpals.com/wp-content/uploads/2019/04/ 52 KB
52 KB 77ms
74ms Image
image/png 45.79.156.148
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sharepointpals.com/wp-content/uploads/2019/04/ahmed-150x150.png
Requested by: Host: www.sharepointpals.com
URL: https://www.sharepointpals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.156.148 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: initpals.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0fd619a2b9f3c8ce6501f1bcd7e2cad31aead9b319e2351e95579113ac4c0e24

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:57 GMT
last-modified: Sun, 14 Apr 2019 23:18:54 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5cb3bfde-ce96"
content-length: 52886
content-type: image/png

GET
H2 200 sathish_natarajan-150x150.jpg
www.sharepointpals.com/wp-content/uploads/2021/08/ 5 KB
5 KB 78ms
76ms Image
image/jpeg 45.79.156.148
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sharepointpals.com/wp-content/uploads/2021/08/sathish_natarajan-150x150.jpg
Requested by: Host: www.sharepointpals.com
URL: https://www.sharepointpals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.156.148 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: initpals.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 374df8b48d5f77c375c7cff1ad0f01626641615474ed1db20fd417e3598ca0c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:57 GMT
last-modified: Fri, 27 Aug 2021 08:55:36 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "6128a888-14f1"
content-length: 5361
content-type: image/jpeg

GET
H2 200 pals.png
www.sharepointpals.com/wp-content/uploads/common/ 10 KB
10 KB 79ms
77ms Image
image/png 45.79.156.148
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sharepointpals.com/wp-content/uploads/common/pals.png
Requested by: Host: www.sharepointpals.com
URL: https://www.sharepointpals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.156.148 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: initpals.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1097ab4ac81042f797f41657a2034a7be442f8c55c0c57f8098763a8855f5a0f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:57 GMT
last-modified: Sun, 24 Mar 2019 11:16:20 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5c976704-2959"
content-length: 10585
content-type: image/png

GET
H2 200 itunes.png
www.sharepointpals.com/wp-content/uploads/common/ 9 KB
10 KB 79ms
77ms Image
image/png 45.79.156.148
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sharepointpals.com/wp-content/uploads/common/itunes.png
Requested by: Host: www.sharepointpals.com
URL: https://www.sharepointpals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.156.148 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: initpals.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 35bf43e6ad9fd51d731ac78d8786b34fb0a0fc508fdb7d9029f0ba57e23766c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:57 GMT
last-modified: Sun, 24 Mar 2019 11:16:20 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5c976704-25f5"
content-length: 9717
content-type: image/png

GET
H2 200 play.png
www.sharepointpals.com/wp-content/uploads/common/ 2 KB
2 KB 72ms
66ms Image
image/png 45.79.156.148
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sharepointpals.com/wp-content/uploads/common/play.png
Requested by: Host: www.sharepointpals.com
URL: https://www.sharepointpals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.156.148 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: initpals.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8a36b9e2f679701677feceb5292831b97c034e88010e20d7629caa25e17a9449

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:57 GMT
last-modified: Sun, 24 Mar 2019 11:16:22 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5c976706-787"
content-length: 1927
content-type: image/png

GET
H/1.1 200
OK horizontal-slim-10_7.css
cdn-images.mailchimp.com/embedcode/ 2 KB
1 KB 323ms
65ms Stylesheet
text/css 108.138.120.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/horizontal-slim-10_7.css
Requested by: Host: www.sharepointpals.com
URL: https://www.sharepointpals.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.120.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-120-97.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 bd83fc15ab125846f839dd3c1ad21462.cloudfront.net (CloudFront)
Date: Wed, 23 Nov 2022 01:49:15 GMT
Last-Modified: Wed, 16 Dec 2015 16:21:55 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P4
Age: 26623
ETag: W/"bd21b0313fe7dc2b8ac08955a7ef1209"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: dBZjkyKTQdgUIStMs4B3eq1Alsd_UDUy83xn6Pr1c51Isc9fd-Od1w==

GET
H2 200 wpo-minify-footer-05b322c5.min.js Show response
www.sharepointpals.com/wp-content/cache/wpo-minify/1630830052/assets/ 81 KB
24 KB 75ms
71ms Script
application/javascript 45.79.156.148
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharepointpals.com/wp-content/cache/wpo-minify/1630830052/assets/wpo-minify-footer-05b322c5.min.js
Requested by: Host: www.sharepointpals.com
URL: https://www.sharepointpals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.156.148 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: initpals.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b7082c76d9462d9dc372eda2ab6b470a0c11bf69ef9563e25ec8d1f321ae0668

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:57 GMT
content-encoding: gzip
last-modified: Sun, 05 Sep 2021 08:22:04 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"61347e2c-144f9"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 icofont.woff2
www.sharepointpals.com/wp-content/themes/spals-bs4-v4/styles/icofont/fonts/ 4 KB
4 KB 73ms
71ms Font
application/octet-stream 45.79.156.148
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharepointpals.com/wp-content/themes/spals-bs4-v4/styles/icofont/fonts/icofont.woff2
Requested by: Host: www.sharepointpals.com
URL: https://www.sharepointpals.com/wp-content/cache/wpo-minify/1630830052/assets/wpo-minify-header-dade5475.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.156.148 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: initpals.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3cc47cd151a2b0a1118978d7e17ceff131336ee5a5d266d46a44bf5f333e77fb

Request headers

Referer: https://www.sharepointpals.com/wp-content/cache/wpo-minify/1630830052/assets/wpo-minify-header-dade5475.min.css
Origin: https://www.sharepointpals.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:57 GMT
last-modified: Mon, 12 Jul 2021 18:19:28 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "60ec87b0-f04"
content-length: 3844
content-type: application/octet-stream

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
17 KB 314ms
64ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sharepointpals.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 17:33:27 GMT
x-content-type-options: nosniff
age: 574770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 17:33:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 256ms
67ms Script
text/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36226530-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Nov 2022 07:27:35 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6322
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 23 Nov 2022 09:27:35 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 104ms
103ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4400f980be8c62095a9bb39e69c580f3f11bd5a91a26329d34974e4fb129a3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119575
x-xss-protection: 0
server: cafe
etag: 6447973704378469678
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 09:12:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame A690 10 KB
5 KB 405ms
65ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sharepointpals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 8187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 06:56:30 GMT
etag: 10353107486223812946
expires: Wed, 07 Dec 2022 06:56:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
336 B 79ms
78ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.sharepointpals.com&callback=_gfp_s_&client=ca-pub-4988325680592177&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9999f55bbfd16e1fadecbba2eb7519b71668dbc7ab365d5c9a7b73a64379bbe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 333ms
79ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sharepointpals.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 123ms
123ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.sharepointpals.com%2F&tn=NAV&cls=navbar%20nav-min%20navbar-expand-lg%20navbar-light%20fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.sharepointpals.com
URL: https://www.sharepointpals.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:12:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E71 238 KB
63 KB 948ms
710ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&adk=1812271804&adf=3025194257&lmt=1669194777&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.sharepointpals.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777153&bpp=5&bdt=449&idt=233&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6687343944643&frm=20&pv=2&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=267

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e71f063531630a2ac4d49e7266081f96f961df6a260779b910f248d5923d5afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sharepointpals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 64207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 09:12:58 GMT
expires: Wed, 23 Nov 2022 09:12:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DFA5 111 KB
33 KB 805ms
794ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=4206572239&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777158&bpp=7&bdt=455&idt=270&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fOvZmY9fyV&p=https%3A//www.sharepointpals.com&dtd=286

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea0bf52d6536c4d8f7e0164b2b70d6cc39a7d12b8dd995baa95388beac8c2a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sharepointpals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33527
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 09:12:58 GMT
expires: Wed, 23 Nov 2022 09:12:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AE75 107 KB
33 KB 835ms
827ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

002467353480028b77dd5ef86c0274044f1f753bbf8735f25965014016a9920f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sharepointpals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33515
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 09:12:58 GMT
expires: Wed, 23 Nov 2022 09:12:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D444 37 KB
14 KB 657ms
650ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=280&slotname=3042908656&adk=599874578&adf=36790111&pi=t.ma~as.3042908656&w=350&fwrn=4&fwrnh=100&lmt=1669194777&rafmt=1&format=350x280&url=https%3A%2F%2Fwww.sharepointpals.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777470&bpp=9&bdt=766&idt=9&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=3yRH3p1Ekf&p=https%3A//www.sharepointpals.com&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

964e7cfc307c6b010f1e527231b7b69a2686e7edc0620f16c84ac1168bfe25ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sharepointpals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 14062
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 09:12:58 GMT
expires: Wed, 23 Nov 2022 09:12:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 217ms
81ms XHR
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=620715341&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sharepointpals.com%2F&dr=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&ul=en-us&de=UTF-8&dt=SharePoint%20Pals%20-%20Community%20portal%20by%20SharePoint%20Developers%20for%20SharePoint%20Developers%2C%20Administrators%20and%20End%20Users&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=348081425&gjid=1319520154&cid=1843495053.1669194777&tid=UA-36226530-1&_gid=456990524.1669194778&_r=1&gtm=2oub90&z=716020699

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sharepointpals.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:12:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sharepointpals.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9E72 0
0 252ms
119ms Fetch
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFOrSGeR9Y5z1K4bihAah_pLAD76VpK9s99rS06wMwI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNDk4ODMyNTY4MDU5MjE3N8gBCagDAaoEzgFP0B8jivnS4oaJO0DXXcZbuhXDbu2n1c7sx8P-okK8THM_Au8tAB3OzlR-D3Rs0yV2bSpqUBpJtZElP7cx6QhyMDzlgrXdmkiMbos3GOKTGg8cd_HouqBxQIOjsBPhFnzhx1l6g69zloxR_fb5hNtxltNYa7aEkQ2bOarDPkkj1lMxyl14MQkqFtdEflTiTKvi8fCLeMMtHGw0o-IKUXF4CXKJk7XsuXs6rZi4AUJQyaRETVyM_91k-qZybQVAiqnGvOElPfQtGfXhXtEm1YAGp6nbrY7ry9KlAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ5ODgzMjU2ODA1OTIxNzcYAA&sigh=PdFgRTwZkho&uach_m=[UACH]&cid=CAQSGwDq26N9Y4OiKR15afF9nIBI5p6w42-6MkKbWxgBIBM

Requested by

Host: sharepointpals.com.admin-mcas-df.ms
URL: http://sharepointpals.com.admin-mcas-df.ms/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=280&slotname=3042908656&adk=599874578&adf=36790111&pi=t.ma~as.3042908656&w=350&fwrn=4&fwrnh=100&lmt=1669194777&rafmt=1&format=350x280&url=https%3A%2F%2Fwww.sharepointpals.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777470&bpp=9&bdt=766&idt=9&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=3yRH3p1Ekf&p=https%3A//www.sharepointpals.com&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Nov 2022 09:12:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Nov 2022 09:12:58 GMT

GET
H2 200 log
hblg.media.net/ Frame 9E72 35 B
0 247ms
74ms Fetch
image/gif 23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hblg.media.net/log?logid=kfk&evtid=l1log&viewability=83&cbdp=0.45&dn=sharepointpals.com&acid=93b4e8190e714f90a10fb4ff670138b9&dtc=east_sc&ugd=4&pvid=313&zone=d&ogbdp=0.53&prvReqId=154236749338917_966176042_11621109113131&itype=ADX&requrl=https%3A%2F%2Fwww.sharepointpals.com&bidrestime=1669194778076&app=0&cc=US&ctr=0.0&device_id=4&slotVisibility=1&size=336x280&csip=rtb-appnexus-6bd49c488b-bhgcg.SC&sc_pvid=294&commit_id=82cdc8e9&scrid=1700080813018100336028000025600&mang=1&cid=8CUU9JF8H&rme=nurl

Requested by

Host: sharepointpals.com.admin-mcas-df.ms
URL: http://sharepointpals.com.admin-mcas-df.ms/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-167-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:12:58 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 23 Nov 2022 09:12:58 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 9E72 35 B
0 226ms
67ms Fetch
image/gif 104.120.210.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=20&splid=&app_type=&bdr_typ=1&ogerpm=0.53&dn=sharepointpals.com&stid=&other_prv=294%2C313&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F107.0.5304.110+Safari%2F537.36&jar_err=&buyer_id=&bdp_wider_bucket=1&adtyp=0&acid=93b4e8190e714f90a10fb4ff670138b9&req_id=nwI8Veo3FPFYrO2TXkbaNQ&bidfp=0.0100&pvag_id=&ugd=4&zone=d&infl=&o_ver=NT+10.0&br_ver=107.0.5304.110&exp=&deal_id=&ver=9.1.1&totalTimeBucket=0&visibility=1&fdbk_id=&second_bidder=294&totalTime=953375&e_rpm=&dmm_m22=0.5300&gpid_format=&gdpr=&vsid=&seat=BID_API&size=336x280&f_seg=&prdp=&gpid_sent=false&ogerpm_used=false&cid=8CUU9JF8H&bcrid=1700080813018100336028000025600&ogcbdp=0.5300&dfpbd=&server=6&ogerpm_wd_bkt=0-1&viewability=0.83&rawbid=0.53&dmm_r=&dmm_l=&sub_bidder=196&tcyerpm=&sc=FL&send_erpm=false&pst=EMS&sd=&hb_exp=&pbshr=100.0000&seg=&dmm_d10=&o_id=101&clisp=rtb-appnexus-6bd49c488b-bhgcg.SC&adblk=599874578&ugd_ver=&requrl=sharepointpals.com&itype=adx&pvid_seat=313_BID_API&bidrestime=0&cc=US&strg=smm_migration_test&ss=&cliIP=0&advurl=https%3A%2F%2Fsearch.yahoo.com&crid=116211091&time_stamp=2022-11-23+09%3A12%3A58&sat=1&rvshhon=&bdp=0.5300&br_id=265&ct=miami&akey=&mnckfl=0&gpid=&iwb=1&second_bid=0.41&sc_pvid=313&capd=&algo=&other_bids=0.41%2C0.53&dc=east_sc
Requested by: Host: sharepointpals.com.admin-mcas-df.ms
URL: http://sharepointpals.com.admin-mcas-df.ms/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.120.210.160 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-120-210-160.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Nov 2022 09:12:58 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Wed, 23 Nov 2022 09:12:58 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 9E72 346 KB
120 KB 311ms
132ms Script
text/javascript 23.41.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU573VJ2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=280&slotname=3042908656&adk=599874578&adf=36790111&pi=t.ma~as.3042908656&w=350&fwrn=4&fwrnh=100&lmt=1669194777&rafmt=1&format=350x280&url=https%3A%2F%2Fwww.sharepointpals.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777470&bpp=9&bdt=766&idt=9&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=3yRH3p1Ekf&p=https%3A//www.sharepointpals.com&dtd=17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8e2078429980e07342948e6fdbb1d5d7eaf0650e2e6d7659ee8d296feb00fe05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-mnt-h: 21-7qck
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 23 Nov 2022 09:12:58 GMT
server: Apache
etag: "ac9d95fa785f6f7f5566df5671aa7f69"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 8-11
timing-allow-origin: *
expires: Wed, 23 Nov 2022 09:17:58 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame 9E72 61 KB
62 KB 291ms
69ms Script
application/javascript 23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-167-93.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Wed, 23 Nov 2022 09:12:58 GMT
server: nginx
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=32361
access-control-allow-credentials: true
content-length: 62892
expires: Wed, 23 Nov 2022 18:12:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9E72 3 KB
1 KB 208ms
71ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 19:12:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9E72 18 KB
8 KB 203ms
65ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 20:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 20:17:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E72 154 KB
48 KB 238ms
100ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 09:12:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DFA5 2 KB
535 B 213ms
83ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=4206572239&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777158&bpp=7&bdt=455&idt=270&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fOvZmY9fyV&p=https%3A//www.sharepointpals.com&dtd=286

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Nov 2022 09:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 09:00:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Nov 2022 09:12:58 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 150 KB
51 KB 116ms
116ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bc77ae8b9d052fddfb3897a1fad2fff075efa9118b328b53ad279c41b09ed35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52252
x-xss-protection: 0
server: cafe
etag: 15229338054058887815
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 09:12:58 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 228ms
80ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sharepointpals.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E0E7 143 KB
40 KB 850ms
850ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=250&adk=1469956278&adf=3442164965&pi=t.aa~a.3003529383~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1669194778&rafmt=1&to=qs&pwprc=4323707895&format=350x250&url=https%3A%2F%2Fwww.sharepointpals.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194778506&bpp=1&bdt=1803&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f2587299c8f99bb-22428fb16dd80005%3AT%3D1669194777%3ART%3D1669194777%3AS%3DALNI_MbEGNwUhvRAuQhktOEmcpYSt7HeSw&gpic=UID%3D000008b26afb6794%3AT%3D1669194777%3ART%3D1669194777%3AS%3DALNI_Mb2H_QC_5nNrmyowbbvvWqZUmedyw&prev_fmts=0x0%2C545x174%2C545x174%2C350x280&nras=2&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1401&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Ral3wAsZY0&p=https%3A//www.sharepointpals.com&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f56c3e5b774a436a874ae1e2110bdf6b3b8a33f2f6b86d7e5feab87f1546ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sharepointpals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 41109
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 09:12:59 GMT
expires: Wed, 23 Nov 2022 09:12:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame AE75 2 KB
535 B 130ms
79ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Nov 2022 09:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 07:53:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Nov 2022 09:12:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame AE75 2 KB
765 B 205ms
63ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 20:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 20:17:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame AE75 23 KB
9 KB 219ms
77ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 19:12:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame AE75 3 KB
1 KB 179ms
65ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 19:12:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame AE75 18 KB
7 KB 209ms
68ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 20:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 20:17:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE75 154 KB
47 KB 112ms
101ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 09:12:58 GMT

GET
H2 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame AE75 34 KB
14 KB 199ms
79ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 20:02:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DFA5 2 KB
765 B 205ms
64ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 20:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 20:17:41 GMT

GET
H2

200

view_pixel_1x1.gif Show response
secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/ Frame DFA5
Redirect Chain

https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=711-165096-991415-8&mkcid=4&mkevt=2&mpt=1324886891&gdpr=&gdpr_consent=&campaignid={campaignid}&gclid={gclid}&siteid=0&adtype=0&size=1x1&...
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

43 B
526 B

300ms
65ms

Fetch
image/gif

23.208.217.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

Requested by

Protocol

Server

23.208.217.12 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-217-12.deploy.static.akamaitechnologies.com

Software

ebay server /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

suppress-x-frame-options: true
content-encoding: gzip
x-content-type-options: nosniff
x-cache-lookup: HIT from include-cache-2:80
x-cdn: AKAMAI
date: Wed, 23 Nov 2022 09:12:59 GMT
akamai-grn: , 0.8c19df17.1669194779.23c9ec4b
strict-transport-security: max-age=31536000
content-length: 57
x-xss-protection: 1; mode=block
server: ebay server
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
rlogid: t6q%60uebwh%3D9iptq%60uebwh*ewa1e%28rbpv670%3D-182dc3c6054-0xd8
access-control-allow-headers: *
expires: Thu, 23 Nov 2023 09:12:59 GMT

Redirect headers

date: Wed, 23 Nov 2022 09:12:58 GMT
strict-transport-security: max-age=31536000
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua-full-version
server: ebay-proxy-server
x-ebay-pop-id: SLBSLCAZ01
location: https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
cache-control: private,no-cache,no-store
x-envoy-upstream-service-time: 89
rlogid: t6baubqsodf%3F%3Ctofgcp%60tqjfc*p12i%3A%28rbpv6775-184a3c30933-0x232b
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DFA5 0
0 113ms
103ms Fetch
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxpSeGeR9Y6vIK9iOoPMPvMeZsAT67KnOaqeAjdPbD5aCzYWIFhABIOXKqwZgyYaAgNyjxBCgAcT2vt8DyAEJqAMByAPLBKoE2QFP0HZ3jyvBc472iKiAbeHOant-2NYRKZte7o3i-lsefqbSpCgzjjaKlPOl85TxBx2NGc5uLZrZo5PE8thjfRMzPS86uEu-ZIMZ4TBoNKIeuew65ZCkttGzKw4x3TywUxsXfnhH0_pfifWCNuS9VAu9DND-Y2oXTX4gL6_dud6WjG3p4loHCs9YP37oj7TTOIP91CEIEOzTaL6Z2t2Ax8F9ZjBfg6veI7wkwdT9aCsksjibz0Exrn8Qf2Vda0ENDBOWG5rCcvm0_CS_nymqXj4rTHDRW7D5BNzrwASXn6yVhQSSBQQIBBgBkgUECAUYBKAGLoAHpInBIKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDP0hPSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwuIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNDk4ODMyNTY4MDU5MjE3NxgA&sigh=yfdU3f49L84&uach_m=[UACH]&cid=CAQSGwDq26N9r9jd2oKxMY2ti19OPcuEb6NkS6jLpxgBIBM&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=4206572239&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777158&bpp=7&bdt=455&idt=270&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fOvZmY9fyV&p=https%3A//www.sharepointpals.com&dtd=286
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Nov 2022 09:12:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Nov 2022 09:12:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame DFA5 23 KB
9 KB 239ms
100ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 19:12:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DFA5 3 KB
1 KB 253ms
115ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 19:12:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DFA5 18 KB
7 KB 231ms
93ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 20:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 20:17:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DFA5 154 KB
47 KB 160ms
152ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 09:12:58 GMT

GET
H2 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame DFA5 34 KB
14 KB 207ms
64ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 20:02:17 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame DFA5 53 KB
54 KB 244ms
64ms Image
image/jpeg 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRoxIaJoR2E-IqW7zn67lLUT2QIEgK0eMnmh4xWdMHDVJXt9Kwx6gle2mZ6yo0&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9439eb78fe7d52db65bb0208ced5daa6ee257c3e0e6e17c889932f6006bfa185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 18:52:25 GMT
x-content-type-options: nosniff
age: 51633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54703
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 07:29:10 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 22 Nov 2023 18:52:25 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame DFA5 28 KB
28 KB 244ms
65ms Image
image/jpeg 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQUP4KyDHPYfCAmi_zFfO4ttbnBj57WJXLiZH4o0zGXzGqtGMPxJnaEHLx0-3Q&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bdcd3db6c890265e214d682648786830862bb9c59aa895c2d8ceca4ffea0dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:53:35 GMT
x-content-type-options: nosniff
age: 418763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28538
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 03:42:26 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 18 Nov 2023 12:53:35 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame DFA5 30 KB
31 KB 245ms
66ms Image
image/jpeg 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQDELEg_fyfmC8Q7LBzX97RZlVDDLoShc_GCWdl88UYNABJ8aaMU6xfQsC52Q&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40c60649ab564be93150d27c834b899705c32c18b5693ed494a4861a102e5990

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:09:45 GMT
x-content-type-options: nosniff
age: 193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30688
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 12:42:02 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 23 Nov 2023 09:09:45 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame DFA5 49 KB
50 KB 380ms
64ms Image
image/jpeg 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRQnfSJdL1SZAuIZxZ6jIHUnEGgNY0tHGdprBsMOW_y7lIFPGnhvvz2vyL6Qg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f38fdd59849bdb4d4562e9a401efbb4ced20d6308ee554aeadbad9507ef46eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:51 GMT
x-content-type-options: nosniff
age: 7
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50291
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 05:26:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 23 Nov 2023 09:12:51 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame DFA5 30 KB
30 KB 423ms
246ms Image
image/jpeg 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQfzQ5i46MJTRUw6qbc_nWl4j-rnKB3O6i_d3ZU8xOnlEAdBZsp57szB8uMhBE&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c3a0273885520f5b826cc26cd0f3cf7ab9df7c7f7f0a7cf050da35282ebc90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 19:02:00 GMT
x-content-type-options: nosniff
age: 310258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30245
x-xss-protection: 0
last-modified: Sun, 20 Feb 2022 01:49:33 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 19 Nov 2023 19:02:00 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame DFA5 20 KB
20 KB 387ms
211ms Image
image/jpeg 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ97dc-cgs3mNLc7otqDButnkjLFAkt4chiVJIEvibS_GmTcSGEjOMORj9zyA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94c81be990b2983aefde55f717ff245f12e651e5c1041d7b3a66afdc0060c779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 13:46:15 GMT
x-content-type-options: nosniff
age: 156403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20439
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 20:30:44 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 21 Nov 2023 13:46:15 GMT

GET
H3

200

12673870504212230304
tpc.googlesyndication.com/simgad/ Frame DFA5
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD34ryx8gEQgAkYgQkyCPiLZy55oMCP
https://tpc.googlesyndication.com/simgad/12673870504212230304

110 KB
110 KB

89ms
88ms

Image
image/jpeg

2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12673870504212230304

Requested by

Protocol

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad908f536a4470b3ddc5babc7948dcf53993eea50ccc3d94bcee3010685692d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:20:30 GMT
x-content-type-options: nosniff
age: 49948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112695
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 14:55:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 Nov 2023 19:20:30 GMT

Redirect headers

date: Wed, 23 Nov 2022 00:59:49 GMT
x-content-type-options: nosniff
server: cafe
age: 29589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/12673870504212230304
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 23 Dec 2022 00:59:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AE75 0
0 115ms
101ms Fetch
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRnWkGeR9Y7mALIH5hAaR1ZmwBaPD6chtoY_Xqt8Qn4WWu6shEAEg5cqrBmDJhoCA3KPEEKABwI3g8APIAQmoAwHIA8sEqgTdAU_Qt6WE4xhUluTTpJcrqGemcKMSv5hrKri_Ysuhn3lt4CCn8LJAC363d1DVZM8Rs1WhS6RtJtoICA9gjlXJVoCXwy7oaDoPYNN-s4WIlNkhF4PF00AKt4ghgfXd5YYq3WZG_rXcbi_qFjBDZPsfM2NtQJS4kPcAQ6RsiMgX9Yuck5jrF6IdGtj3ThmYCLCKcgKtDFLnpxcb7M0T-t4OM5eCtCNX9-c7JxaW4iK5VL_RrVxlNX6SHkGu8xketcloMKa52UkQEG3eL5wQPQGVHdPkSA433ddz852K9XH9wATmh72FwAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHqPKfD6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDNpwjSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwqIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNDk4ODMyNTY4MDU5MjE3NxgA&sigh=CqNPDJ61h-A&uach_m=[UACH]&cid=CAQSGwDq26N90kpHpg9z9gXcsVCSM_4sPlLl5zz8ixgBIBM&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Nov 2022 09:12:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Nov 2022 09:12:58 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame AE75 28 KB
28 KB 290ms
134ms Image
image/jpeg 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRnbC_dr3z9RcvTtY8KMSvBwrLFAc3SViyZuRUjYfVwvRJ10OnEggtF7xPedx0&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99b1bf7fa1b0f6327c28545c426f5d0dab8277787aa7cb07703be91785f11bc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:46:42 GMT
x-content-type-options: nosniff
age: 368776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28842
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 01:31:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 19 Nov 2023 02:46:42 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame AE75 20 KB
20 KB 328ms
179ms Image
image/jpeg 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS_7K428eg01nrzsch8DoQUhkLmmd8e8ahSD6WuXm1EyavXlac&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4689720218a68668ae596f8d212be97360401c52bfab91bea343e574f9a79a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:42:56 GMT
x-content-type-options: nosniff
age: 120602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20759
x-xss-protection: 0
last-modified: Fri, 28 Dec 2018 13:14:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 21 Nov 2023 23:42:56 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame AE75 19 KB
19 KB 377ms
229ms Image
image/jpeg 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTOKuBJLMbZrICv6Cep4iMqlbVNJMMRGlVJlPEQWMvjfttdy3WpXKF12KQlhpw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5193f817e7b31b63c4be893de9e5d0a73b04acde1f9b8152e4ce7e274f982265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 09:23:12 GMT
x-content-type-options: nosniff
age: 517786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19518
x-xss-protection: 0
last-modified: Tue, 10 May 2022 03:41:10 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 17 Nov 2023 09:23:12 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame AE75 16 KB
16 KB 313ms
164ms Image
image/jpeg 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSXuSMFsrPsouPyLsrMA1xaMKxrbNJ7fPmESZdrRrNlzfSXzxQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d38e7dbdb95cf8a5fca6274ddc5536107c97be74ea8ba1e64f068b5343e27e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:59:32 GMT
x-content-type-options: nosniff
age: 555206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16758
x-xss-protection: 0
last-modified: Sat, 04 Jun 2022 03:04:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 16 Nov 2023 22:59:32 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame AE75 19 KB
19 KB 334ms
186ms Image
image/jpeg 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQQrrKx2koHfgl3vy_eKVD-ckDoNSimTZSqkPOzCmAjR1kEl_I&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d9dfad7ac6f550c014a6661017906b539be1d53bc2efc7fdf00f13cff4fe7da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 23:14:07 GMT
x-content-type-options: nosniff
age: 554331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19380
x-xss-protection: 0
last-modified: Sun, 01 Aug 2021 00:40:27 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 16 Nov 2023 23:14:07 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame AE75 18 KB
18 KB 344ms
196ms Image
image/jpeg 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSXAP4zym28W0-MAQ_qUsxn5WFii92O9I4XmT3qexUfyloPk1s&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

739a1fb11a19f6d92377df27fb2e78c49722791c498dd90aefa7f42427e2e382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 03:06:45 GMT
x-content-type-options: nosniff
age: 540373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18085
x-xss-protection: 0
last-modified: Sat, 12 Nov 2022 09:53:20 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 17 Nov 2023 03:06:45 GMT

GET
H3

200

16721253502277045470
tpc.googlesyndication.com/simgad/ Frame AE75
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC_1N-WPRCwCRisAjIIdWhwKkjoppk
https://tpc.googlesyndication.com/simgad/16721253502277045470

29 KB
29 KB

64ms
64ms

Image
image/jpeg

2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16721253502277045470

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298

Protocol

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b21efced16df8f347b7c4a3f205119884d94cfddb67d9784481325c0ee73cf74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 03:33:35 GMT
x-content-type-options: nosniff
age: 452363
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29870
x-xss-protection: 0
last-modified: Fri, 26 Feb 2021 07:48:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 18 Nov 2023 03:33:35 GMT

Redirect headers

date: Tue, 22 Nov 2022 22:20:14 GMT
x-content-type-options: nosniff
server: cafe
age: 39164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/16721253502277045470
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 22 Dec 2022 22:20:14 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 5BCE 10 KB
4 KB 65ms
64ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sharepointpals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 46770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 20:13:28 GMT
etag: 10353107486223812946
expires: Tue, 06 Dec 2022 20:13:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 88BC 10 KB
4 KB 68ms
64ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sharepointpals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 46770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 20:13:28 GMT
etag: 10353107486223812946
expires: Tue, 06 Dec 2022 20:13:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AE75 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0a78fc80a2cab46d994e5bd1c4090a306a9ac5845c6a49b3282fcf2e49876d4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 smtr Show response
contextual.media.net/ Frame 5618 75 KB
31 KB 273ms
271ms Document
text/html 23.41.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU573VJ2&cpcd=I_-PZe-IDxOTuxw7I2UwbQ%3D%3D&crid=579672257&size=336x280&cc=US&chnm=smm_migration_test&pid=8PO5X3S12&tpid=T2MH1C5&https=1&vif=2&requrl=https%3A%2F%2Fwww.sharepointpals.com&nse=5&vi=1669194778196997377&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B44aBaz/xq&bcpf=B44aBaz8fOnRrolnfOur8%2Fxq&bdrId=313&bid=332217&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2Ca%2C16%2C7%2Cg%2Ch%2Cgo%2Ci2%2Chb%2Cy5%2Cmk%7Ccsh%3D1&katpre=1&katbid=-102&pgid=p11593570434t202211230912&newfl=1&htmlsrc=1&cadomain=tzR-hLcl-L9l1Y2kxt8vDUQfh45_MtTsiDPqRZDaXtI%3D&allsc=FL

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU573VJ2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-168-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

6a5a24abbc1323d6cb808e0afc969a56c6c4b29bc5e625b72f65ea601902761e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 31232
content-type: text/html
date: Wed, 23 Nov 2022 09:12:59 GMT
expires: Wed, 23 Nov 2022 09:12:59 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 21-lbwm

GET
H2 200 bping.php
lg3.media.net/ Frame 9E72 15 B
15 B 84ms
68ms Image
text/html 23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=550&&vgd_cdv=828&gdpr=0&prid=8PRVCXX19&cid=8CU573VJ2&crid=579672257&vi=1669194778196997377&ugd=4&lf=6&cc=US&sc=FL&lper=100&wsip=2886781042&r=1669194778906&requrl=https%3A%2F%2Fwww.sharepointpals.com&vgd_bid=332217&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1669194778145297725&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_pgid=p11593570434t202211230912&vgd_pgids=1&vgd_uspa=0&hvsid=00001669194778903006462152376339&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-167-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Wed, 23 Nov 2022 09:12:58 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=64353
content-length: 15

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 39C7 26 KB
9 KB 94ms
93ms Document
text/html 23.41.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8fbf303e98959fb11be1f36c888cb4856856be349270dd9f8230d7752859d545

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9328
content-type: text/html; charset=UTF-8
date: Wed, 23 Nov 2022 09:12:58 GMT
expires: Fri, 25 Nov 2022 09:12:58 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 9E72 35 B
199 B 69ms
67ms Image
image/gif 23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5007&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=2&spSource=0&ifst=0&vid=nwI8Veo3FPFYrO2TXkbaNQ&s_city=atlanta&ugd=4&cliIPV6=2001%3A0550%3A1d05%3A0000%3A0000%3A0000%3A0000%3A0000&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=0.0&mx_TAF=3&sc_bdp=0.410&device_id=4&ae=false&mx_UCC=5&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.530&size=336x280&mx_TAS=1&mx_gpid_sent=false&xtmax=290&mx_crsw_bckt=B2&commit_id=82cdc8e9&scrid=1700080813018100336028000025600&itypeid=17&mx_SPRIG=2&viewability=83&renderer=1&be=0&rtime=18.0&adj0=0.0&tmax=300&s_ip=172.217.36.131&adj2=0.0&adj1=0.0&feedback_id=nwI8Veo3FPFYrO2TXkbaNQ&adtypes=0&mx_aabpc=0&reqid=nwI8Veo3FPFYrO2TXkbaNQ&sc=FL&mowxReqId=93b4e8190e714f90a10fb4ff670138b9_1&ifdp=0&requrl=https%3A%2F%2Fwww.sharepointpals.com&bidrestime=1669194778076&pv_adtype=0&cc=US&strg=smm_migration_test&pcrid=8CU573VJ2-475646338-48-24&coppa_enf=true&sc_prspt=headerBid&bdp=0.530&ct=miami&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&mx_epbc=8CU7Q771E&dnt_enf=false&mx_ssBucket=0&vls=0&asn=202&mang=1&sc_cbdp=0.410&fleet=appnexus&mx_isLossNtf=false&advUrl=https%3A%2F%2Fsearch.yahoo.com&second_call=false&dn=sharepointpals.com&dt=O&acid=93b4e8190e714f90a10fb4ff670138b9&actltime=245&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.45&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&rawDn=sharepointpals.com&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CU573VJ2&epcexp=false&pubid=pub-ADX-116310109131&sc_cat=IAB-3&mx_bsProfile=0&cid=8CUU9JF8H&bcrid=1700080813018100336028000025600&omul=1.0&res_mtype=0&chnl=smm_migration_test&pst=0&reqsize=336x280&adpos=1&mx_sua_model=x64&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUU9JF8H&tgtval=pub-ADX-116310109131&__expireat=1669195378328&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=579672257&ckfl=0&lper=1&mx_tgs=300x250%7C336x280&dummy_vsid=false&cbdp=0.45&sc_advUrl=https%3A%2F%2Fsearch.yahoo.com&pvdTmax=238&ltime=245.0&epc=475646338&ctr_vendor=EXCHANGE&prvReqId=154236749338917_966176042_11621109113131&zip=33018&exid=31&spFst=0&mx_GCID=0&cliIPType=v6&pexid=ADX-pub-4988325680592177&ybnca_erpm=0.53&brsrclk=0&sbdrid=196&mx_bsBucketRa=0&rtttime=264&mx_PC=1&wsip=mowx-lite-apm-gcp-carolina-56fb9d9d98-fntbt&currsrc_date=2022-11-22+00%3A00%3A00&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&mx_sua_cvg=1111111&psrc=fail&geoll=false&omid=0&debug_ts=2022-11-23+09%3A12%3A58&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&mx_sua_os_n=Windows+NT&pub_blk_enf=1&amptype=1&moau=true&mx_sua_os_v=10.0&ocurr=USD&snm=SUCCESS&mx_IAB2=2&usp_enf=1&bidflr=0.010&sc_ogbdp=0.41&incentive_type=0&pid=8PR113JGC&spTo=3&zone=d&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AA8e6VJ_rpUvrYClZCOtjlQzGP57Gyl4dAE5mcmcFQL8UXf30wtys3xFSIJZA235Y-Wv3fR0&dmm_ogerpm=false&csip=rtb-appnexus-6bd49c488b-bhgcg.SC&mx_commit_id=119123143a&mx_bsBucket=0&mx_aurt=0&mx_crsw_exp=cbx1&spIvt=3&ptype=23&media=0&acsn=1&dtc=east_sc&cat=IAB-3&mx_aqcpl_crid=4&ogbdp=0.53&tpbTkn=false&adblk=599874578&fpuReq=0&vcmplrt=-1.0&crid=116211091&geo_source=2&sat=1&mnet_ckfl=0&sc_pvid=294&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.53~vw_exc%3D0.83~vis_sd%3D555~url_rps_b%3D11.29~dom_b%3D0.83~dc2%3D1~scd%3Dfl~v_asn%3D9009~dom_l%3D20~vl2r_sd%3D2022112221~iurl_b%3D2117.39~url_tkc%3D0~url_r2a_b%3D0~std%3D~last%3D~cvog%3D3~vis_url_b%3D0.52~vl2r_i_sd%3D2022112221~ip%3DYodHkpfn9ykifa4PYmsEM~fbb%3D0~vis_url_l%3D0~riipua%3D2%2C2~et%3D17~rc%3D1~vl2r_i_b%3D0.02~rps_sd%3D2022112304~vis_b%3D796.04~radv%3D0.000%2C0~url_b%3D0.47~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~smm_wr%3D29.6978~url_l%3D10~gcat%3D-1~bb%3D196~vv%3D0~cvl2r_sd%3D552~l2r_b%3D1000~erpm%3D0.53~vl2r_url_kc%3D0E0~bm%3D1~smm_sd%3D2022112220~sid%3D579672257~sd%3D0~uid%3Dh8LYo6ORVPmV6HRJD~url_rps_kc%3D0~cvl2r_b%3D3~btd%3D10281163509195197383818455294116076023518129764909725849867492624599851525097325189257494528~kb_src%3Dauto_bidder~d2p_l%3D20~cvl2%3D3~3pcf%3D1004.18~uim%3D0~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.93~ogd2p_b%3D0.93~ss%3DNA~kb_dl%3Den~uiw%3D-1~ce%3D0~rps_b%3D128.11~url_srps_b%3D11.28~CI%3D101~nts%3D2~kb_ul%3Den~kb_ccks%3D1~tb%3D-1~ct%3Ddover~rkwd%3D0.000%2C0~basis2%3D196~basis1%3D196~isRef%3D0~isif%3D0~lc%3D2~url_rpc_b%3D0~bid%3D0.45~kb_pt%3DHomepage~dc%3D8~url_rps_rv%3D0~vl2r_b%3D5.16~supply_tag_id%3D%7Eviewability%3D0.83%7Eamp%3D1%7Ecbdp%3D0.450%7Edmm%3Dsmm_migration_test%7Esuid%3D%7Edtc%3Deast_sc%7Exid%3DADX-pub-4988325680592177%7Edalg%3Dsmm%7Ehtml%3D1%7Eadblk%3D599874578%7Esobp%3D0.41%7Ectr%3D0.0%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.530%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Esmm_api%3Dv1~ibc%3D1~mxe%3Dcbx1~mxbn%3DB2~ddt%3D-1~nsz%3D2~tgs%3D300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D238&utime=850&sf=0&cpr=0.6158739443251056

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-167-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: max-age=3600
date: Wed, 23 Nov 2022 09:12:58 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Wed, 23 Nov 2022 15:12:58 GMT

GET
DATA 200
OK truncated
/ Frame 9E72 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5edb4b4aee8ced42ef5d4e5a2e744554b72a2736c9cbc00b02796ac0e63fafbb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame AE75 20 KB
20 KB 195ms
65ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 16:38:24 GMT
x-content-type-options: nosniff
age: 232475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Nov 2023 16:38:24 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 5BCE 4 KB
636 B 81ms
81ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Nov 2022 09:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 08:53:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Nov 2022 09:12:59 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5BCE 205 B
229 B 197ms
67ms Image
image/png 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 02:43:19 GMT
x-content-type-options: nosniff
age: 23380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 23 Nov 2023 02:43:19 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5BCE 604 B
628 B 194ms
65ms Image
image/png 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 21:29:21 GMT
x-content-type-options: nosniff
age: 42218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Nov 2023 21:29:21 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 5BCE 19 KB
8 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 20:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 20:17:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 88BC 0
0 102ms
102ms Fetch
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cqi1cGeR9Y6jDK4ydoPMP8pan4A2Tq_H4YPTjv4mdENrZHhABIOXKqwZgyYaAgNyjxBCgAfaFv8wDyAECqQISOjYe_sFmPqgDAcgDyQSqBNkBT9Bp5CzwAHFm2gw97Odt6OKH6GCGIwXz5oTnfBkflcqslSiN9LVyIzUSo9RbJteAl2tQzE0sW70Xb4tKQAbGxCWwUCefVUG735zNoJAqgOXPmakOJRDMRxrjpTPnk9YzrL9PpK5_SHyWEQaQPS1hkmGLxoungcdzmr5ieOzMTF5rkvezW2oCoZfM6T6Twv6g07T3x_QDbvC_ZHLDwx-3V_e2BTgpddJG76RsOp17IaUCAGK1wSViSd8QTRrwGQgKARstBKE9G8vDpOI2mGvigIQBpg283ivnWcAEhPGKpMQDkgUECAQYAZIFBAgFGASgBgKAB_L5wDOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDlvyXSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNDk4ODMyNTY4MDU5MjE3NxgA&sigh=r4Cxy3Jt39k&uach_m=[UACH]&cid=CAQSGwDq26N9Ef3bckA-dkqumor9-d-DRMZIphU-bRgBIBM

Requested by

Host: sharepointpals.com.admin-mcas-df.ms
URL: http://sharepointpals.com.admin-mcas-df.ms/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Nov 2022 09:12:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 88BC 23 KB
9 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 19:12:15 GMT

GET
H3 200 2892789976112576685
tpc.googlesyndication.com/daca_images/simgad/ Frame 88BC 49 KB
49 KB 129ms
129ms Image
image/png 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/2892789976112576685

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5558157049200ca875da8cd59fd0b746f2ff09dff4fedf348d3345df25302f5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:59 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50655
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 16:46:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Nov 2023 09:12:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 88BC 3 KB
1 KB 65ms
63ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 19:12:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 88BC 18 KB
7 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 20:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 20:17:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 88BC 154 KB
47 KB 246ms
110ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 09:12:59 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 88BC 34 KB
13 KB 68ms
67ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:06:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: cafe
etag: 7011066814545187240
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 19:06:46 GMT

GET
DATA 200
OK truncated
/ Frame DFA5 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d587ee9efda9ff2acb8aa089bf882c3a93d64837468e12c690da87ed3b5e39c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame DFA5 20 KB
20 KB 78ms
67ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 16:38:24 GMT
x-content-type-options: nosniff
age: 232475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Nov 2023 16:38:24 GMT

GET
H2

200

cksync
cs.media.net/ Frame 39C7
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzEyMTk2Mzc4MTUyMzcwODAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEClvvaIX_gf64VbuVxeAMS4&google_cver=1

45 B
445 B

132ms
88ms

Image
image/gif

23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEClvvaIX_gf64VbuVxeAMS4&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-167-93.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:12:59 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Wed, 23 Nov 2022 09:12:59 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:12:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEClvvaIX_gf64VbuVxeAMS4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5EDA 143 B
166 B 66ms
65ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1963
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 08:40:16 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame DF17 8 KB
895 B 80ms
79ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Nov 2022 09:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 08:52:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Nov 2022 09:12:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DF17 2 KB
765 B 64ms
64ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 20:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 20:17:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame DF17 23 KB
9 KB 65ms
63ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 19:12:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DF17 3 KB
1 KB 68ms
65ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 19:12:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DF17 18 KB
7 KB 66ms
63ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 20:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 20:17:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF17 154 KB
47 KB 121ms
82ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 09:12:59 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame DF17 34 KB
14 KB 91ms
70ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 20:02:17 GMT

GET
DATA 200
OK truncated
/ Frame 88BC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66b2befc8f972c936dd57e891feaa821e0bb6b080161e64d3d51a1188a907125

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5618 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5618 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5618 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame F5FB 36 KB
16 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=174&slotname=8213769505&adk=1234667792&adf=336530235&pi=t.ma~as.8213769505&w=545&lmt=1669194777&rafmt=11&format=545x174&url=https%3A%2F%2Fwww.sharepointpals.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194777165&bpp=2&bdt=461&idt=292&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C545x174&nras=1&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=roaXkx2CZ7&p=https%3A//www.sharepointpals.com&dtd=298

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 20:23:55 GMT

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B49 36 KB
16 KB 93ms
92ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 20:23:55 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 5618 15 B
159 B 70ms
68ms Script
text/html 23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=5032&&&vgd_l2type=scs_newfl&fp=9-WVZ9K0cRTIO02i9J0eBCjMjSJN1rEmYEghZ8QfGRWvlg1c0N_kkCcp3QZiOLgIjh82BC514M5CPfngInVoDmK-I_QSi3EvEbouSP3qdOzgKQF8h1_m0gobFoKk9-I5HmbmOocLLb3RO3xSVrvtFg%3D%3D&cme=bNERCMCwfIpAcEIpVHjiZ9SuCUinSntEyVzxiQ2861laFATXsJuVFy9p5aU9x2cP3kHAr3DEXVmW_cSXQTB4IIga2dxQRFPfSxXpxmh3D_HKDSz-_rAVV-ibFdBH7tbeAzXw3CmVj6WvZkMBEtYNY6AEUtnLuTM7D-qrzbkbAnpaQPMd2Rt-WsvwuvYWCe42p3nb2c8igWKKwMBp2Spq_nn-Xu4GLSOof7AWpnnAnnk%3D%7C%7Clik9o6w_cfTZ3nWIRwF3kpwEyBT6tPRYqwpEhhVzunA4O8meDjKHnT-Vpue_rPV2I2A3QkR2YKD5N8sgH8nXffnUEjajYTdeNMTw70X9eqQ-qvLRmkgk-PKmNz607DC7Jy5fr2F2RXhitgS9xizkpU8S9VFTVNIO7eAsR7guaekC3IRgnI3VGFEKEzETy33sMmf9drn3mVIYRe6WeJA04_gGuVzuRHfR0-PGkNlq_KI%3D%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CJwgYdc1KQkFA0AkMtcoUY9olDV92JfOo%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7Ca0AmFUYXmD5vbmWNoGfg-EQVJ7yNxmYiGJ6enDQnOSwvIQ9MvATa3g%3D%3D%7C&ksu=224&fdkt=265&vgde_kbbh=fuoyxQBuG&kwd[]=Web+Application+Testing&kwt[]=265&kbc[]=44453&kwp[]=1&kid[]=30453248&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.31%7C2%3D5.49%7Cps%3D1.079%7C3%3D1.34%7C4%3D2.96&ktd[]=274911592704&ktrkt[]=Web+Application+Testing&kwd[]=Free+Access+Database+Templates&kwt[]=265&kbc[]=43759&kwp[]=2&kid[]=11506148&kbc2[]=tnid%3D19001%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D2.69%7C2%3D5.78%7Cps%3D1.079%7C3%3D0.41%7C4%3D2.18&ktd[]=288232850069983488&ktrkt[]=Free+Access+Database+Templates&kwd[]=Web+Development+Tools&kwt[]=265&kbc[]=50118&kwp[]=3&kid[]=30468169&kbc2[]=tnid%3D9845%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.42%7C2%3D12.21%7Cps%3D1.079%7C3%3D0.74%7C4%3D2.72&ktd[]=288231750575132928&ktrkt[]=Web+Development+Tools&kwd[]=Python+Programming+Language&kwt[]=265&kbc[]=22537&kwp[]=4&kid[]=23560184&kbc2[]=tnid%3D23015%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D1.92%7C2%3D8.05%7Cps%3D1.079%7C3%3D0.10%7C4%3D2.19&ktd[]=288232850086760704&ktrkt[]=Python+Programming+Language&kwd[]=Java+Programming+Basics&kwt[]=265&kbc[]=22537&kwp[]=5&kid[]=104852508&kbc2[]=tnid%3D23015%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.50%7C2%3D7.49%7Cps%3D1.079%7C3%3D0.42%7C4%3D2.04&ktd[]=288232850069983488&ktrkt[]=Java+Programming+Basics&v=1&geo=40.8%7C-73.97&dlper=20&lper=100&lpid=&tsid=7&hint=&cc=US&wsip=170762306&bca=0&ugd=4&vgde_setid=Nfu&cid=8CU573VJ2&vi=1669194778196997377&vsid=3121963791523760&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_fm_lang=EN&vgd_implt=3&vgd_l3_sc=FL&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=6202&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=new+york&&vgd_ifrmode=14&vgd_l1rakh=1669194778145297725&sttm=1669194778903&upk=1669194779.25798&hvsid=00001669194778903006462152376339&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2Ca%2C16%2C7%2Cg%2Ch%2Cgo%2Ci2%2Chb%2Cy5%2Cmk%7Ccsh%3D1&sbdrId=196&vgd_ecrid=1700080813018100336028000025600&vgd_isiolc=1&vgd_fcm_enc_mis=1&&kbbq=%26asn%3D9009&&vgd_vstrid=3121963791523760&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.XA~eBMJ-Nv9.WA~e8QMQOvXXX~xLjMLEQMGvuu.fi~OmYMGv9.WA~ONfvu~QNOvkj~eM1Qzvi99i~OmYMjvf9~ejfLMQOvf9ffuufffu~8xLjMGvfuuh.Ai~xLjM7UNv9~xLjMLf1MGv9~Q7Ov~j1Q7v~NemyvA~e8QMxLjMGv9.Xf~ejfLM8MQOvf9ffuufffu~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGv9~e8QMxLjMjv9~L88Ex1vf%2Cf~J7vuh~LNvu~ejfLM8MGv9.9f~LEQMQOvf9ffuufA9H~e8QMGvhiF.9H~L1Oev9.999%2C9~xLjMGv9.Hh~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLvfi.FihW~xLjMjvu9~yN17vou~GGvuiF~eev9~NejfLMQOvXXf~jfLMGvu999~JLEYv9.XA~ejfLMxLjMUNv949~GYvu~QYYMQOvf9ffuufff9~Q8OvXhiFhffXh~QOv9~x8OvwWT3mFaD%2F0Y%2FFqD6r~xLjMLEQMUNv9~NejfLMGvA~G7Ovu9fWuuFAX9iuiXuihAWAWuWHXXfiHuuF9hF9fAXuWufihFHi9ihfXWHiWFhHifFfHXiiWXuXfX9ihAfXuWifXhHiHXfW~UGMQLNv1x7mMG8OOJL~OfEMjvf9~NejfvA~AENkvu99H.uW~x8Yv9~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.iA~myOfEMGv9.iA~QQvIK~UGMOjvJz~x8Bvou~NJv9~LEQMGvufW.uu~xLjMQLEQMGvuu.fW~%3DVvu9u~z7Qvf~UGMxjvJz~UGMNNUQvu~7Gvou~N7vOmeJL~LUBOv9.999%2C9~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8Q8kv9~jNvf~xLjMLENMGv9~G8Ov9.HX~UGME7vqmYJE1yJ~ONvW~xLjMLEQMLev9~ejfLMGvX.uF~QxEEj5M71yM8Ov~e8JB1G8j875v9.WA~1YEvu~NGOEv9.HX9~OYYvQYYMY8yL178mzM7JQ7~Qx8Ov~O7NvJ1Q7MQN~-8OvKrtoExGoHiWWAfXFW9Xifuhh~O1jyvQYY~w7Yjvu~1OGjUvXiiWhHXhW~QmGEv9.Hu~N7Lv9.9~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.XA9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~QYYM1E8veu~8GNvu~Y-JvNG-u~Y-GzvRf~OO7vou~zQlvf~7yQvA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfAW&vgd_optout=0&vgd_cfud=220907&vgd_scsver=362&vgd_bhv_kbb=1&vgd_rensize=336_280&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=528&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A336%3Brend_h%3A280&&vgd_uspa=0&vgd_sc=FL&vgd_l1rhst=contextual.media.net&hvsid=00001669194778903006462152376339&subBdr=196&bdrid=313&rc=0&rand=1669194779279&acid=93b4e8190e714f90a10fb4ff670138b9&matm=1669194779279&vgd_ltimesrc=1&vgd_ltime=955&vgd_rtime=951&vgd_etm=11&vgd_l1hcsd=O7qck%7C7812&vgd_l1ch=1&vgd_lhl=3230&vgd_pgid=p11593570434t202211230912&vgd_adprefflag=11&vgd_adpref_diff=110&vgd_csip=rtb-appnexus-6bd49c488b-bhgcg.SC&vgd_sbSup=1&vgd_nrrs=6202&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU573VJ2&cpcd=I_-PZe-IDxOTuxw7I2UwbQ%3D%3D&crid=579672257&size=336x280&cc=US&chnm=smm_migration_test&pid=8PO5X3S12&tpid=T2MH1C5&https=1&vif=2&requrl=https%3A%2F%2Fwww.sharepointpals.com&nse=5&vi=1669194778196997377&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B44aBaz/xq&bcpf=B44aBaz8fOnRrolnfOur8%2Fxq&bdrId=313&bid=332217&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2Ca%2C16%2C7%2Cg%2Ch%2Cgo%2Ci2%2Chb%2Cy5%2Cmk%7Ccsh%3D1&katpre=1&katbid=-102&pgid=p11593570434t202211230912&newfl=1&htmlsrc=1&cadomain=tzR-hLcl-L9l1Y2kxt8vDUQfh45_MtTsiDPqRZDaXtI%3D&allsc=FL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-167-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Wed, 23 Nov 2022 09:12:59 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=26694
content-length: 15

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5EDA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

94ms
94ms

Document
text/html

2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 09:12:59 GMT
expires: Wed, 23 Nov 2022 09:12:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 09:12:59 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 84A3 143 B
166 B 90ms
88ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1963
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 08:40:16 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 92d0eacbdd534f81de4b06016912d49f.js Show response
www.gstatic.com/mysidia/ Frame E0E7 9 KB
4 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92d0eacbdd534f81de4b06016912d49f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=250&adk=1469956278&adf=3442164965&pi=t.aa~a.3003529383~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1669194778&rafmt=1&to=qs&pwprc=4323707895&format=350x250&url=https%3A%2F%2Fwww.sharepointpals.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194778506&bpp=1&bdt=1803&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f2587299c8f99bb-22428fb16dd80005%3AT%3D1669194777%3ART%3D1669194777%3AS%3DALNI_MbEGNwUhvRAuQhktOEmcpYSt7HeSw&gpic=UID%3D000008b26afb6794%3AT%3D1669194777%3ART%3D1669194777%3AS%3DALNI_Mb2H_QC_5nNrmyowbbvvWqZUmedyw&prev_fmts=0x0%2C545x174%2C545x174%2C350x280&nras=2&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1401&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Ral3wAsZY0&p=https%3A//www.sharepointpals.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4142
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 20:02:17 GMT

GET
H3 200 fe50f845da9df46373c0476e405ca904.js Show response
www.gstatic.com/mysidia/ Frame E0E7 134 KB
50 KB 75ms
69ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fe50f845da9df46373c0476e405ca904.js?tag=video_location/web_och

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d14d3b16776b5fc73a8dc9c4dbbd49919859e8e4d50864d4772e905150d7fb71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 07:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 523091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50858
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 07:54:48 GMT

GET
H3 200 cc1b8d1e1903d75e43ed2b2152915588.js Show response
www.gstatic.com/mysidia/ Frame E0E7 18 KB
7 KB 73ms
68ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfde0dff7c17f03aab9949cb2d2e922610484ab4f4be0a3cb3f39ee2d0c9203e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 08:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 08:53:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E0E7 8 KB
895 B 84ms
80ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Nov 2022 09:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 08:59:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Nov 2022 09:12:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E0E7 2 KB
765 B 65ms
64ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 20:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 20:17:41 GMT

GET
H3 200 2c96be29c806e6a30d72c34b34031cd2.js Show response
www.gstatic.com/mysidia/ Frame E0E7 5 KB
2 KB 99ms
96ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2003
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 00:08:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 20:02:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame E0E7 23 KB
9 KB 73ms
71ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 19:12:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E0E7 3 KB
1 KB 68ms
67ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 19:12:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E0E7 18 KB
7 KB 75ms
73ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 20:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 20:17:41 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E0E7 0
0 387ms
77ms Image
text/html 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzkS5VJTZqm4bGiWeREs3FdjiPfJ613m40G5ChRAswDzJ_V4EtCFpT-uYEaE2zvEnft6aXgg5NFcb9JuZAuPVS6IrlMw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=250&adk=1469956278&adf=3442164965&pi=t.aa~a.3003529383~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1669194778&rafmt=1&to=qs&pwprc=4323707895&format=350x250&url=https%3A%2F%2Fwww.sharepointpals.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194778506&bpp=1&bdt=1803&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f2587299c8f99bb-22428fb16dd80005%3AT%3D1669194777%3ART%3D1669194777%3AS%3DALNI_MbEGNwUhvRAuQhktOEmcpYSt7HeSw&gpic=UID%3D000008b26afb6794%3AT%3D1669194777%3ART%3D1669194777%3AS%3DALNI_Mb2H_QC_5nNrmyowbbvvWqZUmedyw&prev_fmts=0x0%2C545x174%2C545x174%2C350x280&nras=2&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1401&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Ral3wAsZY0&p=https%3A//www.sharepointpals.com&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0E7 154 KB
47 KB 97ms
96ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 09:12:59 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame E0E7 34 KB
14 KB 70ms
69ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 20:02:17 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E0E7 0
20 B 176ms
176ms Ping
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBnNxdWFyZQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDIKDRArIQAAAAAAgEBAMAQKDRArIQAAAAAAAENAMAEKDRADIQAAQGZm1JFAMAQSGkNMcWEybzc3d19zQ0ZjNWZ3UW9keXBjTlNnIhZ2aWRlb19sb2NhdGlvbi93ZWJfb2NoKBs=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:12:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2697934555949814849
tpc.googlesyndication.com/simgad/ Frame E0E7 151 KB
151 KB 67ms
66ms Image
image/jpeg 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2697934555949814849

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c4e90c74c3350f935d79ced3a37865bab33dc939eee873e770c584713bcda25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 20:08:57 GMT
x-content-type-options: nosniff
age: 565442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154695
x-xss-protection: 0
last-modified: Fri, 07 Jan 2022 22:33:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 Nov 2023 20:08:57 GMT

GET
H3 200 14964210931589609417
tpc.googlesyndication.com/simgad/ Frame E0E7 3 KB
3 KB 66ms
65ms Image
image/jpeg 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14964210931589609417?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e354d7ca1377ee17a84e988e9dcf7af375acfea6a09dde0d5388debee372abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 02:22:53 GMT
x-content-type-options: nosniff
age: 456606
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3293
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 20:24:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 18 Nov 2023 02:22:53 GMT

GET
H2 200 data=IUv4xrY8lGEjF6AnEtuTQykAKuI4Z5pRLvxqRT8zogPjA1-sHujOfjc3heXY7MaivTjwpMAV2g4z0Wy-
mts0.google.com/vt/ Frame E0E7 22 KB
23 KB 479ms
179ms Image
image/png 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=IUv4xrY8lGEjF6AnEtuTQykAKuI4Z5pRLvxqRT8zogPjA1-sHujOfjc3heXY7MaivTjwpMAV2g4z0Wy-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

8a82b8d9147e42e2af16475d9c76984dec596449b21b5ffa4a7421a873540da2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:13:00 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22920
x-xss-protection: 0
x-server-version-bin: CggIBBDL7uybBg==
server: scaffolding on HTTPServer2
etag: 0c7bc7a6a595312ed
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Wed, 23 Nov 2022 10:13:00 GMT

GET
DATA 200
OK truncated
/ Frame E0E7 301 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E0E7 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame E0E7 0
327 B 1210ms
444ms Ping
image/gif 2404:6800:4006:80a::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~latfh2x3&c=8077032268995&slotId=4038516134497.5&qqid=CLqa2o77w_sCFc5fwQodypcNSg&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ulc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe50f845da9df46373c0476e405ca904.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:80a::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:13:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E0E7 0
0 111ms
110ms Fetch
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C45zqGuR9Y7qlI86_hQbKr7bQBNS338Ztndes750QsLKA7JACEAEg5cqrBmDJhoCA3KPEEKAB3NGi_ALIAQmoAwHIA8sEqgTuAU_Qz13jOG_PKJsy1gazzNnVqRFVVpnNoE2Z1Jp97GVIwikQmhhk3MwTSeclwnglY7Dawns_DqDRHjCUmtp5quE5wSzdhVn0cAR4plEKLWHeXiiQ9EPxKo6yzzbkmdcCOxkjWHncGgAeTGzn5aW78ueZAZtdSC85cfaRvcuwjPN7xXm1D9woHI0ce7PX76NMk_1oQsfc_kP9CP1-VhzuxyEEwIk8dO7Do-k_nnRLK5yOGOA-vlUXmibGefkOTuy7GTVKTIqWlbdtTmHngDI-Y8pJ1Io5TKwojId5XHAECFuZcdRT7WShQH5NvISK00bABJfLoa2JBJIFBAgEGAGSBQQIBRgEoAYugAeQ3P4kqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQpNoP0ggPCIBhEAEYHzICigI6AoBAgAoByAsBmAyWs7aVhQS4E6EE2BMO0BUBmBYBgBcBshccChoIABIUcHViLTQ5ODgzMjU2ODA1OTIxNzcYAA&sigh=ZhDyDkgirzM&uach_m=[UACH]&cid=CAQSOwDq26N95sS1wtBYJEOERNagfmu7RJY-Myg-kMDRowWNKzPSTrENLaQk9rjnfI0l2DFXAEjpQXR9mN6VGAEgEw&template_id=545

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4988325680592177&output=html&h=250&adk=1469956278&adf=3442164965&pi=t.aa~a.3003529383~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1669194778&rafmt=1&to=qs&pwprc=4323707895&format=350x250&url=https%3A%2F%2Fwww.sharepointpals.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669194778506&bpp=1&bdt=1803&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f2587299c8f99bb-22428fb16dd80005%3AT%3D1669194777%3ART%3D1669194777%3AS%3DALNI_MbEGNwUhvRAuQhktOEmcpYSt7HeSw&gpic=UID%3D000008b26afb6794%3AT%3D1669194777%3ART%3D1669194777%3AS%3DALNI_Mb2H_QC_5nNrmyowbbvvWqZUmedyw&prev_fmts=0x0%2C545x174%2C545x174%2C350x280&nras=2&correlator=6687343944643&frm=20&pv=1&ga_vid=1843495053.1669194777&ga_sid=1669194777&ga_hid=620715341&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1401&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C31070762%2C44770880&oid=2&pvsid=263031047099043&tmod=1646537045&uas=0&nvt=1&ref=http%3A%2F%2Fsharepointpals.com.admin-mcas-df.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Ral3wAsZY0&p=https%3A//www.sharepointpals.com&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Nov 2022 09:12:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 84A3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

93ms
92ms

Document
text/html

2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 09:13:00 GMT
expires: Wed, 23 Nov 2022 09:13:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 09:13:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2DDE 36 KB
16 KB 79ms
78ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: sharepointpals.com.admin-mcas-df.ms
URL: http://sharepointpals.com.admin-mcas-df.ms/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 20:23:55 GMT

GET
H/1.1 206
Partial Content videoplayback
rr2---sn-5uaezn6d.googlevideo.com/ Frame E0E7 567 KB
568 KB 310ms
87ms Media
video/mp4 2607:f8b0:4002:20::8

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-5uaezn6d.googlevideo.com/videoplayback?expire=1669223579&ei=G-R9Y4uhD8rQ4QTF9p_IDg&ip=2001:550:1d05:1::4&id=e1b6b279e13c8f82&itag=18&source=youtube&requiressl=yes&mh=6P&mm=31&mn=sn-5uaezn6d&ms=au&mv=m&mvi=2&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1664654148148667&mt=1669194332&txp=5530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAMp_YQ_HKORTijhcUjgG4oHK7KDAC92A-AY9Y1R4usKYAiBRGhM6_OGtKPstOwpHl6f1m4rE3DJ5p0xJ4U6mKjbF9g==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPLWNVzYAVAkWSXIwCA6qws5V78RxMSywnRy5xoJg3OfAiEAglTNkxK7VTKz1O4omKxLGtqc60caLmQRVz_g0wNf4pM=&cpn=IbJCOPA8H088rK-D

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4002:20::8 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b635465813c9400d489819fb5ec007961f6ab5bd3fc692645b7b7d9f130c5090

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 23 Nov 2022 09:12:59 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 01 Oct 2022 19:55:48 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-580680/580681
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 580681
Expires: Wed, 23 Nov 2022 09:12:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0807 1 KB
643 B 65ms
64ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 57805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:09:34 GMT
etag: 48472445140208031
expires: Wed, 23 Nov 2022 17:09:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E0E7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d1f089ffd3e4bd466b317f1a73b8f39dbb9557e2aa2398193e854453e17dedd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame B6B1 36 KB
16 KB 72ms
65ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 20:23:55 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E0E7 0
20 B 285ms
281ms Ping
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:13:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame E0E7 28 KB
28 KB 70ms
67ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 10:24:40 GMT
x-content-type-options: nosniff
age: 427699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 10:24:40 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E0E7 0
20 B 262ms
261ms Ping
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:13:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0807 35 B
463 B 207ms
63ms Image
image/gif 2620:116:800b:21:1456:d0e1:7db4:a56b

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPmwVIbOMMP64DtzSQ3Bd5U&google_cver=1&google_push=ASkJ3Fbbf44BEm7jhjPUVz2gmefdudLyZmqYmMUE8Efv1NKhJPaKXrC4EYSp1-OiZ5abLRe3OXvuBq6awecZ33MK_SvpAxIKkeHaZMUn9A7W9Z0eea0EueW_02fpVLBr4GMsYJXFyuwTzHlnR8g5qMpZhDE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:1456:d0e1:7db4:a56b -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:13:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0807
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEHhkOdtE0TtJRMCh4v9VdPI&google_cver=1&google_push=ASkJ3FaNyK7Qf_V-8ULFVx5KOxor-1-8FLQWYNAz9bIixKgt98RJMT7ySq477NaZB9Ofn5j1sPnhwllP9RiG9jupz_mg1I25-9Lt3...
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FaNyK7Qf_V-8ULFVx5KOxor-1-8FLQWYNAz9bIixKgt98RJMT7ySq477NaZB9Ofn5j1sPnhwllP9RiG9jupz_mg1I25-9Lt3JKfBjMdTad_qHGdsWWJEVjYPc4lW2Cc...

170 B
188 B

79ms
78ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FaNyK7Qf_V-8ULFVx5KOxor-1-8FLQWYNAz9bIixKgt98RJMT7ySq477NaZB9Ofn5j1sPnhwllP9RiG9jupz_mg1I25-9Lt3JKfBjMdTad_qHGdsWWJEVjYPc4lW2CcowK-36IsYMUcKP2ojH7xFao&google_hm=Q0FFU0VIaGtPZHRFMFR0SlJNQ2g0djlWZFBJ

Protocol

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:13:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:13:00 GMT
via: 1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FaNyK7Qf_V-8ULFVx5KOxor-1-8FLQWYNAz9bIixKgt98RJMT7ySq477NaZB9Ofn5j1sPnhwllP9RiG9jupz_mg1I25-9Lt3JKfBjMdTad_qHGdsWWJEVjYPc4lW2CcowK-36IsYMUcKP2ojH7xFao&google_hm=Q0FFU0VIaGtPZHRFMFR0SlJNQ2g0djlWZFBJ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: HgPMLsmW8e3HfkVCNelHlyf03BJIkrVE5RTWvDkZMzerV-0GBAvo-Q==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0807
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEE7VHO1nb_Ic87oxjgMq5eE&google_cver=1&google_push=ASkJ3FYX1_DaMISYFlYhqrM0w63SXTYD35W2CTYYdKd764A6G8tjdJKGTzztk48vFkojVQgXEElG7RKdTcAipp42E13t6ZftSU3_W...
https://rtb.openx.net/sync/dds?google_gid=CAESEE7VHO1nb_Ic87oxjgMq5eE&google_cver=1&google_push=ASkJ3FYX1_DaMISYFlYhqrM0w63SXTYD35W2CTYYdKd764A6G8tjdJKGTzztk48vFkojVQgXEElG7RKdTcAipp42E13t6ZftSU3_W...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FYX1_DaMISYFlYhqrM0w63SXTYD35W2CTYYdKd764A6G8tjdJKGTzztk48vFkojVQgXEElG7RKdTcAipp42E13t6ZftSU3_WFDXia_fkS4WkHkUs3d367TfcMAExvNFLX...

170 B
188 B

80ms
79ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FYX1_DaMISYFlYhqrM0w63SXTYD35W2CTYYdKd764A6G8tjdJKGTzztk48vFkojVQgXEElG7RKdTcAipp42E13t6ZftSU3_WFDXia_fkS4WkHkUs3d367TfcMAExvNFLXeW2VXOSYXHLJh5NUT8og&google_hm=w5Tbgp9Cxw8neBX-TN4YPA==

Protocol

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:13:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:12:59 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FYX1_DaMISYFlYhqrM0w63SXTYD35W2CTYYdKd764A6G8tjdJKGTzztk48vFkojVQgXEElG7RKdTcAipp42E13t6ZftSU3_WFDXia_fkS4WkHkUs3d367TfcMAExvNFLXeW2VXOSYXHLJh5NUT8og&google_hm=w5Tbgp9Cxw8neBX-TN4YPA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 4i31gcr1om783gp19hk50teo6huvnbvu

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0807
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GM_tvUWuTImTpk-tZCb6LQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

81ms
80ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GM_tvUWuTImTpk-tZCb6LQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FasBlHtrK49DcTUIlj-Y5ESHvgFynUxECRGiwkCHWhHzxRmdKLwV_XK92KYzH-pjBdTfLIk_UIivZn4OO--n8RMdp_IA_1GF_30XW5nxgTShRJZQmm2QNb28AFce2GikOs2PF_92zc42D7hDEEcsF4

Protocol

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:13:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GM_tvUWuTImTpk-tZCb6LQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FasBlHtrK49DcTUIlj-Y5ESHvgFynUxECRGiwkCHWhHzxRmdKLwV_XK92KYzH-pjBdTfLIk_UIivZn4OO--n8RMdp_IA_1GF_30XW5nxgTShRJZQmm2QNb28AFce2GikOs2PF_92zc42D7hDEEcsF4
date: Wed, 23 Nov 2022 09:12:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0807
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEK-pN8adF3KaUMPFJPC8-Ys&google_cver=1&google_push=ASkJ3FYB5xCq5TUxqqZbJNWKN52cyItIeqIKZPOJe63vV5fPloAadu9n2UsQWjphOvpeJLKounx...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFURkgzTFEtMVctOVdPNA==&google_push=ASkJ3FYB5xCq5TUxqqZbJNWKN52cyItIeqIKZPOJe63vV5fPloAadu9n2UsQWjphOvpeJLKounx0WQMozvJDwIXKtmH2gJH9ahYo_...

170 B
188 B

80ms
80ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFURkgzTFEtMVctOVdPNA==&google_push=ASkJ3FYB5xCq5TUxqqZbJNWKN52cyItIeqIKZPOJe63vV5fPloAadu9n2UsQWjphOvpeJLKounx0WQMozvJDwIXKtmH2gJH9ahYo_NvZFMe2nsn09ZN5rN076LGoqsQq1NYYyvN2evQNlXZzJJ5-HAIL6JU

Protocol

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:13:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFURkgzTFEtMVctOVdPNA==&google_push=ASkJ3FYB5xCq5TUxqqZbJNWKN52cyItIeqIKZPOJe63vV5fPloAadu9n2UsQWjphOvpeJLKounx0WQMozvJDwIXKtmH2gJH9ahYo_NvZFMe2nsn09ZN5rN076LGoqsQq1NYYyvN2evQNlXZzJJ5-HAIL6JU
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f72efbd84733ea5ba734e4e8fe0395a3
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0807
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECEty3ZrRw4TJNukLbPds0A&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECEty3ZrRw4TJNukLbPds0A&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECEty3ZrRw4TJNukLbPds0A&google_hm=Y33kHBWtdceNL7fPC86rTAAAAjcAAAIB&google_nid=index&google_push=ASkJ3Fa70JzReWYeRilVGD-xPp0I2jKdb3u09...

170 B
188 B

80ms
80ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECEty3ZrRw4TJNukLbPds0A&google_hm=Y33kHBWtdceNL7fPC86rTAAAAjcAAAIB&google_nid=index&google_push=ASkJ3Fa70JzReWYeRilVGD-xPp0I2jKdb3u09XIcEOTGm8QSWAeotk_Bm1qHNZFDekPqAs6rEbQTKsormYMOMVcZHu_4HuezMf3Rp4YJ4bOMCIOeVeCCYgtNqY6K8mvrbHsz-xw3K515Yna4766XEWIPyeU

Protocol

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:13:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:13:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6T2OBg3KK5Ap3OPAQt65K6tyqhdADgITx%2F%2F4syPMEoiAJD8SF4PK6SC%2FdTsMAB869QX%2BBLDQ%2FuA9cv6jyT0bGuOjQ5h4yCrYrB%2FqGGp83QiaxKe%2F06wWmFam4FbTyYb4U3pcyZ7sEdBarg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECEty3ZrRw4TJNukLbPds0A&google_hm=Y33kHBWtdceNL7fPC86rTAAAAjcAAAIB&google_nid=index&google_push=ASkJ3Fa70JzReWYeRilVGD-xPp0I2jKdb3u09XIcEOTGm8QSWAeotk_Bm1qHNZFDekPqAs6rEbQTKsormYMOMVcZHu_4HuezMf3Rp4YJ4bOMCIOeVeCCYgtNqY6K8mvrbHsz-xw3K515Yna4766XEWIPyeU
cache-control: no-cache
cf-ray: 76e8c9510e11da17-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0807
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEERK36JiNcOjkzSRaSH9lNI&google_cver=1&google_push=ASkJ3FZJ-CHiDadd6h9LKOj6Uo2g6OP9DAPiIbWMw7dbEyILBzVOxY1jfjBsoq1JhU9yigvh9_GYyOxQP-RRmWEwtCizEIBHO6mN4...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZJ-CHiDadd6h9LKOj6Uo2g6OP9DAPiIbWMw7dbEyILBzVOxY1jfjBsoq1JhU9yigvh9_GYyOxQP-RRmWEwtCizEIBHO6mN4GdIifHlZFzQcQtVDChbIUVTT2V-G5...

170 B
188 B

80ms
79ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZJ-CHiDadd6h9LKOj6Uo2g6OP9DAPiIbWMw7dbEyILBzVOxY1jfjBsoq1JhU9yigvh9_GYyOxQP-RRmWEwtCizEIBHO6mN4GdIifHlZFzQcQtVDChbIUVTT2V-G5s078mWFGnHSkeFG2-L_A2BhGI&google_hm=ccc55e6ad00f5096b1ca1d7c2a862b47

Protocol

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:13:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZJ-CHiDadd6h9LKOj6Uo2g6OP9DAPiIbWMw7dbEyILBzVOxY1jfjBsoq1JhU9yigvh9_GYyOxQP-RRmWEwtCizEIBHO6mN4GdIifHlZFzQcQtVDChbIUVTT2V-G5s078mWFGnHSkeFG2-L_A2BhGI&google_hm=ccc55e6ad00f5096b1ca1d7c2a862b47
date: Wed, 23 Nov 2022 09:13:00 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0807 0
12 B 221ms
85ms Image
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JpkXEg_h6CGWisr5bs9J0Km_1Ba-yct03LF6ZRrJ-jjdvzEcSqxoWvBIdIoJFpKcRq-Tnq

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:13:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9E72 42 B
64 B 224ms
84ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTVrusp-W83fKHZtnPZZxHAyG70y015xVrHxQCbzoXeatGxAFXCIb-Qw8LjJxNKxI_43VBWQDu-OAdc-ddXEJfJ68m&sig=Cg0ArKJSzFFnqyze68b1EAE&id=lidar2&mcvt=1004&p=0,0,284,336&mtos=0,1004,1004,1004,1004&tos=0,1004,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=599874578&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669194778325&rpt=631&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:13:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 log
hblg.media.net/ Frame 9E72 35 B
200 B 72ms
71ms Image
image/gif 23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=2&spSource=0&ifst=0&vid=nwI8Veo3FPFYrO2TXkbaNQ&s_city=atlanta&ugd=4&cliIPV6=2001%3A0550%3A1d05%3A0000%3A0000%3A0000%3A0000%3A0000&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=0.0&mx_TAF=3&sc_bdp=0.410&device_id=4&ae=false&mx_UCC=5&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.530&size=336x280&mx_TAS=1&mx_gpid_sent=false&xtmax=290&mx_crsw_bckt=B2&commit_id=82cdc8e9&scrid=1700080813018100336028000025600&itypeid=17&mx_SPRIG=2&viewability=83&renderer=1&be=0&rtime=18.0&adj0=0.0&tmax=300&s_ip=172.217.36.131&adj2=0.0&adj1=0.0&feedback_id=nwI8Veo3FPFYrO2TXkbaNQ&adtypes=0&mx_aabpc=0&reqid=nwI8Veo3FPFYrO2TXkbaNQ&sc=FL&mowxReqId=93b4e8190e714f90a10fb4ff670138b9_1&ifdp=0&requrl=https%3A%2F%2Fwww.sharepointpals.com&bidrestime=1669194778076&pv_adtype=0&cc=US&strg=smm_migration_test&pcrid=8CU573VJ2-475646338-48-24&coppa_enf=true&sc_prspt=headerBid&bdp=0.530&ct=miami&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&mx_epbc=8CU7Q771E&dnt_enf=false&mx_ssBucket=0&vls=0&asn=202&mang=1&sc_cbdp=0.410&fleet=appnexus&mx_isLossNtf=false&advUrl=https%3A%2F%2Fsearch.yahoo.com&second_call=false&dn=sharepointpals.com&dt=O&acid=93b4e8190e714f90a10fb4ff670138b9&actltime=245&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.45&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&rawDn=sharepointpals.com&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CU573VJ2&epcexp=false&pubid=pub-ADX-116310109131&sc_cat=IAB-3&mx_bsProfile=0&cid=8CUU9JF8H&bcrid=1700080813018100336028000025600&omul=1.0&res_mtype=0&chnl=smm_migration_test&pst=0&reqsize=336x280&adpos=1&mx_sua_model=x64&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUU9JF8H&tgtval=pub-ADX-116310109131&__expireat=1669195378328&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=579672257&ckfl=0&lper=1&mx_tgs=300x250%7C336x280&dummy_vsid=false&cbdp=0.45&sc_advUrl=https%3A%2F%2Fsearch.yahoo.com&pvdTmax=238&ltime=245.0&epc=475646338&ctr_vendor=EXCHANGE&prvReqId=154236749338917_966176042_11621109113131&zip=33018&exid=31&spFst=0&mx_GCID=0&cliIPType=v6&pexid=ADX-pub-4988325680592177&ybnca_erpm=0.53&brsrclk=0&sbdrid=196&mx_bsBucketRa=0&rtttime=264&mx_PC=1&wsip=mowx-lite-apm-gcp-carolina-56fb9d9d98-fntbt&currsrc_date=2022-11-22+00%3A00%3A00&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&mx_sua_cvg=1111111&psrc=fail&geoll=false&omid=0&debug_ts=2022-11-23+09%3A12%3A58&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&mx_sua_os_n=Windows+NT&pub_blk_enf=1&amptype=1&moau=true&mx_sua_os_v=10.0&ocurr=USD&snm=SUCCESS&mx_IAB2=2&usp_enf=1&bidflr=0.010&sc_ogbdp=0.41&incentive_type=0&pid=8PR113JGC&spTo=3&zone=d&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AA8e6VJ_rpUvrYClZCOtjlQzGP57Gyl4dAE5mcmcFQL8UXf30wtys3xFSIJZA235Y-Wv3fR0&dmm_ogerpm=false&csip=rtb-appnexus-6bd49c488b-bhgcg.SC&mx_commit_id=119123143a&mx_bsBucket=0&mx_aurt=0&mx_crsw_exp=cbx1&spIvt=3&ptype=23&media=0&acsn=1&dtc=east_sc&cat=IAB-3&mx_aqcpl_crid=4&ogbdp=0.53&tpbTkn=false&adblk=599874578&fpuReq=0&vcmplrt=-1.0&crid=116211091&geo_source=2&sat=1&mnet_ckfl=0&sc_pvid=294&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.53~vw_exc%3D0.83~vis_sd%3D555~url_rps_b%3D11.29~dom_b%3D0.83~dc2%3D1~scd%3Dfl~v_asn%3D9009~dom_l%3D20~vl2r_sd%3D2022112221~iurl_b%3D2117.39~url_tkc%3D0~url_r2a_b%3D0~std%3D~last%3D~cvog%3D3~vis_url_b%3D0.52~vl2r_i_sd%3D2022112221~ip%3DYodHkpfn9ykifa4PYmsEM~fbb%3D0~vis_url_l%3D0~riipua%3D2%2C2~et%3D17~rc%3D1~vl2r_i_b%3D0.02~rps_sd%3D2022112304~vis_b%3D796.04~radv%3D0.000%2C0~url_b%3D0.47~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~smm_wr%3D29.6978~url_l%3D10~gcat%3D-1~bb%3D196~vv%3D0~cvl2r_sd%3D552~l2r_b%3D1000~erpm%3D0.53~vl2r_url_kc%3D0E0~bm%3D1~smm_sd%3D2022112220~sid%3D579672257~sd%3D0~uid%3Dh8LYo6ORVPmV6HRJD~url_rps_kc%3D0~cvl2r_b%3D3~btd%3D10281163509195197383818455294116076023518129764909725849867492624599851525097325189257494528~kb_src%3Dauto_bidder~d2p_l%3D20~cvl2%3D3~3pcf%3D1004.18~uim%3D0~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.93~ogd2p_b%3D0.93~ss%3DNA~kb_dl%3Den~uiw%3D-1~ce%3D0~rps_b%3D128.11~url_srps_b%3D11.28~CI%3D101~nts%3D2~kb_ul%3Den~kb_ccks%3D1~tb%3D-1~ct%3Ddover~rkwd%3D0.000%2C0~basis2%3D196~basis1%3D196~isRef%3D0~isif%3D0~lc%3D2~url_rpc_b%3D0~bid%3D0.45~kb_pt%3DHomepage~dc%3D8~url_rps_rv%3D0~vl2r_b%3D5.16~supply_tag_id%3D%7Eviewability%3D0.83%7Eamp%3D1%7Ecbdp%3D0.450%7Edmm%3Dsmm_migration_test%7Esuid%3D%7Edtc%3Deast_sc%7Exid%3DADX-pub-4988325680592177%7Edalg%3Dsmm%7Ehtml%3D1%7Eadblk%3D599874578%7Esobp%3D0.41%7Ectr%3D0.0%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.530%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Esmm_api%3Dv1~ibc%3D1~mxe%3Dcbx1~mxbn%3DB2~ddt%3D-1~nsz%3D2~tgs%3D300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D238&utime=850&sf=0&cpr=0.6158739443251056&evttyp=1

Requested by

Host: www.sharepointpals.com
URL: https://www.sharepointpals.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-167-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:13:00 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 23 Nov 2022 09:13:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 100ms
97ms XHR
application/json 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d0b50aa4a07e4b343c79635293fa3dd01e461884171a9110c78c15f519ef189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11123
x-xss-protection: 0

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C5F 36 KB
16 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 20:23:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DFA5 42 B
64 B 88ms
85ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiZXqiwCeSBN_bS99_EUExFsAOaIVXwpivB2Bkf9waYfhBmyZfVRJHwkrVhNPMnh8Ilb-WEjEqtbgXbVy7aS734hfn2f29wgQV7aOVb6us1sDlDZ_4rCCgHBhs_tsu-dSIkjg&sai=AMfl-YRuOb3GgXv00pXtm1-v4CXogIImnRIhK18Z3NzENBFBELEZDXw4PVA21DexksKhAadXRTzSNE-264aHgO0&sig=Cg0ArKJSzEARwbfBD7uFEAE&cid=CAQSGwDq26N9r9jd2oKxMY2ti19OPcuEb6NkS6jLpxgBIBM&id=lidar2&mcvt=1000&p=0,0,174,545&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1234667792&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669194777446&rpt=1793&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:13:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E0E7 0
20 B 123ms
122ms Ping
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBnNxdWFyZQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDIKDRAUIQAAAABIGQZBMAQKDRAVIQAAAAAAADFAMAQKDRAWIQAAAAAAACBAMAQKDRAYIQAAgJmZK5pAMAQKDRAyIQAAAACamek_MAQKDRAzIQAAAACamek_MAQKDRA0IQAAAACamek_MAQKDRA1IQAAAACamek_MAQKDRA2IQAAAACamek_MAQKDRA3IQAAAACamek_MAQKDRA4IQAAAIDMzABAMAQKDRA5IQAAgGZmnopAMAQKDRA6IQAAgMzMoItAMAQKDRA7IQAAAAAAxpRAMAQKDRA8IQAAAAAAxpRAMAQKDRA9IQAAQDMzy5RAMAQKDRA-IQAAQGZm3JlAMAQKDRA_IQAAQGZm3JlAMAQKDRBAIQAAAAAAQppAMAQSGkNMcWEybzc3d19zQ0ZjNWZ3UW9keXBjTlNnIhZ2aWRlb19sb2NhdGlvbi93ZWJfb2NoKBs=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:13:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bqi.php
lg3.media.net/ Frame 9E72 15 B
15 B 69ms
69ms Image
text/html 23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=2657&lf=3&&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_l2type=scs_newfl&vgd_bid=332217&gdpr=0&prid=8PRVCXX19&cid=8CU573VJ2&crid=579672257&requrl=https%3A%2F%2Fwww.sharepointpals.com&vi=1669194778196997377&ugd=4&cc=US&sc=FL&bdrid=313&subBdr=196&startTime=1669194778893&vgd_l1rakh=1669194778145297725&l1ch=1&buid=332217&sttm=1669194778903&upk=1669194779.25798&hvsid=00001669194778903006462152376339&acid=93b4e8190e714f90a10fb4ff670138b9&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.53~vw_exc%3D0.83~vis_sd%3D555~url_rps_b%3D11.29~dom_b%3D0.83~dc2%3D1~scd%3Dfl~v_asn%3D9009~dom_l%3D20~vl2r_sd%3D2022112221~iurl_b%3D2117.39~url_tkc%3D0~url_r2a_b%3D0~std%3D~last%3D~cvog%3D3~vis_url_b%3D0.52~vl2r_i_sd%3D2022112221~ip%3DYodHkpfn9ykifa4PYmsEM~fbb%3D0~vis_url_l%3D0~riipua%3D2%2C2~et%3D17~rc%3D1~vl2r_i_b%3D0.02~rps_sd%3D2022112304~vis_b%3D796.04~radv%3D0.000%2C0~url_b%3D0.47~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~smm_wr%3D29.6978~url_l%3D10~gcat%3D-1~bb%3D196~vv%3D0~cvl2r_sd%3D552~l2r_b%3D1000~erpm%3D0.53~vl2r_url_kc%3D0E0~bm%3D1~smm_sd%3D2022112220~sid%3D579672257~sd%3D0~uid%3Dh8LYo6ORVPmV6HRJD~url_rps_kc%3D0~cvl2r_b%3D3~btd%3D10281163509195197383818455294116076023518129764909725849867492624599851525097325189257494528~kb_src%3Dauto_bidder~d2p_l%3D20~cvl2%3D3~3pcf%3D1004.18~uim%3D0~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.93~ogd2p_b%3D0.93~ss%3DNA~kb_dl%3Den~uiw%3D-1~ce%3D0~rps_b%3D128.11~url_srps_b%3D11.28~CI%3D101~nts%3D2~kb_ul%3Den~kb_ccks%3D1~tb%3D-1~ct%3Ddover~rkwd%3D0.000%2C0~basis2%3D196~basis1%3D196~isRef%3D0~isif%3D0~lc%3D2~url_rpc_b%3D0~bid%3D0.45~kb_pt%3DHomepage~dc%3D8~url_rps_rv%3D0~vl2r_b%3D5.16~supply_tag_id%3D%7Eviewability%3D0.83%7Eamp%3D1%7Ecbdp%3D0.450%7Edmm%3Dsmm_migration_test%7Esuid%3D%7Edtc%3Deast_sc%7Exid%3DADX-pub-4988325680592177%7Edalg%3Dsmm%7Ehtml%3D1%7Eadblk%3D599874578%7Esobp%3D0.41%7Ectr%3D0.0%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.530%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Esmm_api%3Dv1~ibc%3D1~mxe%3Dcbx1~mxbn%3DB2~ddt%3D-1~nsz%3D2~tgs%3D300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D238&matchstring=hr%3D0%7Cbcat%3D11%2Ca%2C16%2C7%2Cg%2Ch%2Cgo%2Ci2%2Chb%2Cy5%2Cmk%7Ccsh%3D1&vgd_matchstr=hr%3D0%7Cbcat%3D11%2Ca%2C16%2C7%2Cg%2Ch%2Cgo%2Ci2%2Chb%2Cy5%2Cmk%7Ccsh%3D1&vgd_sc=FL&infr=1&twna=1&dma=528&stime=1669194778340&vgd_ecrid=1700080813018100336028000025600&l1hcsd=l1!O7qck|7812&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22east_sc%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&vgd_pgid=p11593570434t202211230912&vgd_pgids=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-167-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Wed, 23 Nov 2022 09:13:00 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=76223
content-length: 15

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 95ms
93ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sharepointpals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 09:13:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9ABA 13 KB
5 KB 66ms
64ms Document
text/html 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sharepointpals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 8985
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 06:43:15 GMT
expires: Thu, 23 Nov 2023 06:43:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A4D0 783 B
535 B 85ms
84ms Document
text/html 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1f32ce293310e0f3329c30fb1ad2cff2e04e88ed9fcca825b93f8674d639d9a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SgEDMeUuEoQGiwevw8VV4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sharepointpals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-SgEDMeUuEoQGiwevw8VV4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 09:13:00 GMT
expires: Wed, 23 Nov 2022 09:13:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 88BC 42 B
64 B 85ms
85ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2aVUSIx37-mdVKZazL84-5nX9Ah9bSnCxIAAawvSjjMPJ8qv_tgYVc_KakwqS6O4ro0m-71tj0Nc3VGcQptIW_oA7J9Zws17XPb8B3d6f_1dXJiWpGsAPPYMvrceGIIbxZsM&sai=AMfl-YRniqsybMWyIptT9qe0T_tXSHcopsPwNK9bpzF0P3Z_2_NlqYpmm6eH9IUlXXR14bv7nzFpv1D124ms9UU&sig=Cg0ArKJSzAvZshnS49ZqEAE&cid=CAQSGwDq26N9Ef3bckA-dkqumor9-d-DRMZIphU-bRgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=547,1000,1000,1000,1000&tos=547,453,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669194778682&rpt=916&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:13:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9ABA 36 KB
16 KB 69ms
68ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 20:23:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A4D0 0
0 123ms
123ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=263031047099043&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9ABA 0
11 B 65ms
65ms Image
text/plain 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vGB8eQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:807::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:13:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ebayadservices.com/marketingtracking/v1	1970-01-20 09:49:30	Name: adguid Value: f4534ca113c94acea94bcb6a43aa420c
.sharepointpals.com/	1970-01-20 17:15:54	Name: _ga Value: GA1.2.1843495053.1669194777
.sharepointpals.com/	1970-01-20 07:41:21	Name: _gid Value: GA1.2.456990524.1669194778
.sharepointpals.com/	1970-01-20 07:39:54	Name: _gat_gtag_UA_36226530_1 Value: 1
.sharepointpals.com/	1970-01-20 17:01:30	Name: __gads Value: ID=6f2587299c8f99bb-22428fb16dd80005:T=1669194777:RT=1669194777:S=ALNI_MbEGNwUhvRAuQhktOEmcpYSt7HeSw
.sharepointpals.com/	1970-01-20 17:01:30	Name: __gpi Value: UID=000008b26afb6794:T=1669194777:RT=1669194777:S=ALNI_Mb2H_QC_5nNrmyowbbvvWqZUmedyw
.media.net/	1970-01-20 16:25:30	Name: visitor-id Value: 3121963791523760000V10
.doubleclick.net/	1970-01-20 17:15:54	Name: IDE Value: AHWqTUm-oVzdeAfnyGF8hY1KZzZ-5oR4MVPTMdKolkGxSBoXfDlpXvzYs6vn1ZjSaOU
.media.net/	1970-01-20 08:00:04	Name: data-g Value: CAESEClvvaIX_gf64VbuVxeAMS4~~6
.doubleclick.net/	1970-01-20 07:39:58	Name: DSID Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
cc.adingo.jp
cdn-images.mailchimp.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
cs.media.net
csi.gstatic.com
d.agkn.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hblg.media.net
image6.pubmatic.com
lg3.media.net
mcasproxy.azureedge.net
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
qsearch-a.akamaihd.net
rr2---sn-5uaezn6d.googlevideo.com
rtb.openx.net
secureir.ebaystatic.com
sharepointpals.com
sharepointpals.com.admin-mcas-df.ms
ssum-sec.casalemedia.com
tpc.googlesyndication.com
warp.media.net
www.ebayadservices.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.sharepointpals.com
104.120.210.160
104.18.33.19
104.36.115.113
108.138.120.97
142.251.40.194
209.140.135.138
23.208.217.12
23.41.168.23
23.52.167.93
2404:6800:4006:80a::2003
2600:141b:13::17d7:827a
2600:9000:2209:de00:19:fc2c:a140:93a1
2607:f8b0:4002:20::8
2607:f8b0:4006:807::2001
2607:f8b0:4006:80b::2004
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80d::200e
2607:f8b0:4006:816::2002
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::2008
2607:f8b0:4006:81e::200e
2607:f8b0:4006:81f::200e
2607:f8b0:4006:822::200e
2620:116:800b:21:1456:d0e1:7db4:a56b
3.227.76.221
35.186.253.211
45.79.156.148
52.224.188.157
69.173.151.100
002467353480028b77dd5ef86c0274044f1f753bbf8735f25965014016a9920f
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f56c3e5b774a436a874ae1e2110bdf6b3b8a33f2f6b86d7e5feab87f1546ae0
0fd619a2b9f3c8ce6501f1bcd7e2cad31aead9b319e2351e95579113ac4c0e24
1097ab4ac81042f797f41657a2034a7be442f8c55c0c57f8098763a8855f5a0f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1f32ce293310e0f3329c30fb1ad2cff2e04e88ed9fcca825b93f8674d639d9a8
2e354d7ca1377ee17a84e988e9dcf7af375acfea6a09dde0d5388debee372abe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
32a4683d0b9bed95299c42225a62878cfb0a3672677b3414ffe0c944b0ed585d
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
35bf43e6ad9fd51d731ac78d8786b34fb0a0fc508fdb7d9029f0ba57e23766c0
374df8b48d5f77c375c7cff1ad0f01626641615474ed1db20fd417e3598ca0c6
3cc47cd151a2b0a1118978d7e17ceff131336ee5a5d266d46a44bf5f333e77fb
3d38e7dbdb95cf8a5fca6274ddc5536107c97be74ea8ba1e64f068b5343e27e7
40c60649ab564be93150d27c834b899705c32c18b5693ed494a4861a102e5990
415f0c190123803bc48aa9259f8ff296af597b2e14ad627b924d528d7188906f
4400f980be8c62095a9bb39e69c580f3f11bd5a91a26329d34974e4fb129a3ee
4689720218a68668ae596f8d212be97360401c52bfab91bea343e574f9a79a04
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d1f089ffd3e4bd466b317f1a73b8f39dbb9557e2aa2398193e854453e17dedd
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d587ee9efda9ff2acb8aa089bf882c3a93d64837468e12c690da87ed3b5e39c
5193f817e7b31b63c4be893de9e5d0a73b04acde1f9b8152e4ce7e274f982265
5558157049200ca875da8cd59fd0b746f2ff09dff4fedf348d3345df25302f5f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5abf0484e92f845d81fb600b97654063edd91e03950a897f54bdb4fcc5a56f9e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5edb4b4aee8ced42ef5d4e5a2e744554b72a2736c9cbc00b02796ac0e63fafbb
5f7add0638c6207d7a84267735b9eed3fee3a68696e3ec755fafd5283db0b8f3
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491
66b2befc8f972c936dd57e891feaa821e0bb6b080161e64d3d51a1188a907125
6a5a24abbc1323d6cb808e0afc969a56c6c4b29bc5e625b72f65ea601902761e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
739a1fb11a19f6d92377df27fb2e78c49722791c498dd90aefa7f42427e2e382
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7c4e90c74c3350f935d79ced3a37865bab33dc939eee873e770c584713bcda25
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8a36b9e2f679701677feceb5292831b97c034e88010e20d7629caa25e17a9449
8a82b8d9147e42e2af16475d9c76984dec596449b21b5ffa4a7421a873540da2
8bc77ae8b9d052fddfb3897a1fad2fff075efa9118b328b53ad279c41b09ed35
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
8d9dfad7ac6f550c014a6661017906b539be1d53bc2efc7fdf00f13cff4fe7da
8e2078429980e07342948e6fdbb1d5d7eaf0650e2e6d7659ee8d296feb00fe05
8fbf303e98959fb11be1f36c888cb4856856be349270dd9f8230d7752859d545
909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a
9439eb78fe7d52db65bb0208ced5daa6ee257c3e0e6e17c889932f6006bfa185
94c81be990b2983aefde55f717ff245f12e651e5c1041d7b3a66afdc0060c779
964e7cfc307c6b010f1e527231b7b69a2686e7edc0620f16c84ac1168bfe25ec
9999f55bbfd16e1fadecbba2eb7519b71668dbc7ab365d5c9a7b73a64379bbe2
99b1bf7fa1b0f6327c28545c426f5d0dab8277787aa7cb07703be91785f11bc5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bdcd3db6c890265e214d682648786830862bb9c59aa895c2d8ceca4ffea0dcf
9d0b50aa4a07e4b343c79635293fa3dd01e461884171a9110c78c15f519ef189
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0a78fc80a2cab46d994e5bd1c4090a306a9ac5845c6a49b3282fcf2e49876d4
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ee2633d20a81535a52653aba1ee9af7bcf53d1cd15baca5178d2cc4d283415
a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a9c3a0273885520f5b826cc26cd0f3cf7ab9df7c7f7f0a7cf050da35282ebc90
aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece
ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
ad908f536a4470b3ddc5babc7948dcf53993eea50ccc3d94bcee3010685692d3
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21efced16df8f347b7c4a3f205119884d94cfddb67d9784481325c0ee73cf74
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b635465813c9400d489819fb5ec007961f6ab5bd3fc692645b7b7d9f130c5090
b7082c76d9462d9dc372eda2ab6b470a0c11bf69ef9563e25ec8d1f321ae0668
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
cfde0dff7c17f03aab9949cb2d2e922610484ab4f4be0a3cb3f39ee2d0c9203e
d01c17a198c2ba8ac0597a1de0273554e3eb14a272540b6e273fca44795cf483
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d14d3b16776b5fc73a8dc9c4dbbd49919859e8e4d50864d4772e905150d7fb71
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71f063531630a2ac4d49e7266081f96f961df6a260779b910f248d5923d5afc
ea0bf52d6536c4d8f7e0164b2b70d6cc39a7d12b8dd995baa95388beac8c2a46
ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f
ee2981b2c3ddb13e5bdbb45cdaf4cb75c74d49a6776fc9a454c61f3cd783c512
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f38fdd59849bdb4d4562e9a401efbb4ced20d6308ee554aeadbad9507ef46eb7
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fc2786017109c98a0de559f9d9035ef97ae57003fd4cb52542751d0cb19c676c
fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa
ff44e3839527f3a9ceb6bbcdd296bcabd7fe0387ea4e2ed291faff180b608b9c

www.sharepointpals.com Open in urlscan Pro 45.79.156.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

154 Requests

93 %HTTPS

58 %IPv6

25 Domains

40 Subdomains

27 IPs

1 Countries

3116 kBTransfer

6415 kBSize

10 Cookies

8 Outgoing links

Page URL History

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sharepointpals.com Open in urlscan Pro
45.79.156.148 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

93 %
HTTPS

58 %
IPv6

25
Domains

40
Subdomains

27
IPs

1
Countries

3116 kB
Transfer

6415 kB
Size

10
Cookies

154 HTTP transactions
10 data transactions