urlscan.io logo urlscan.io
SecurityTrails logo

sites.foi.com Open in urlscan Pro
192.3.73.158  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://userhistory.com/
Effective URL: http://sites.foi.com/sites.asp?domain=userhistory.com
Submission: On July 17 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 44 HTTP transactions. The main IP is 192.3.73.158, located in United States and belongs to AS-COLOCROSSING, US. The main domain is sites.foi.com.
This is the only time sites.foi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3035::6815:10f4 (United States)

ASN13335 (CLOUDFLARENET, US)
userhistory.com
1    192.3.73.158 (United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 192-3-73-158-host.colocrossing.com
sites.foi.com
7    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
7    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
20    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
20 tpc.googlesyndication.com googleads.g.doubleclick.net
cdn.ampproject.org
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 cdn.ampproject.org googleads.g.doubleclick.net
pagead2.googlesyndication.com
6 pagead2.googlesyndication.com sites.foi.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 sites.foi.com
1 userhistory.com 1 redirects
44 11

This site contains no links.

Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh

This page contains 7 frames:

Primary Page: http://sites.foi.com/sites.asp?domain=userhistory.com
Frame ID: 1AB0A9BD1A2D41AFBDE0B94DA48D3EFF
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html
Frame ID: 3286163E7104A43643725F5D16BFA54C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=1645738987&adf=407486717&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219483&bpp=5&bdt=61&idt=77&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=5830774249997&frm=20&pv=2&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=T9OxAvdP8s&p=http%3A//sites.foi.com&dtd=94
Frame ID: 995E1C26396A6A6494D4F509EF24FE0B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Frame ID: 13E046B86DE5DD5FB66F32B3E7FDFFFD
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&adk=1812271804&adf=3025194257&lmt=1626535219&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&ea=0&flash=0&pra=7&wgl=1&dt=1626535219503&bpp=2&bdt=81&idt=84&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&nras=1&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=88
Frame ID: 3DC9215DCD1F47169D0A1D57166947F4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D31C82B0F0358550FD56418C813328BA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 565DC50E36DE9AAEC641AC71E7421AF2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://userhistory.com/ HTTP 301
    http://sites.foi.com/sites.asp?domain=userhistory.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

44
Requests

95 %
HTTPS

80 %
IPv6

9
Domains

11
Subdomains

10
IPs

2
Countries

417 kB
Transfer

1285 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://userhistory.com/ HTTP 301
    http://sites.foi.com/sites.asp?domain=userhistory.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set sites.asp
sites.foi.com/
Redirect Chain
  • https://userhistory.com/
  • http://sites.foi.com/sites.asp?domain=userhistory.com
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sites.foi.com/sites.asp?domain=userhistory.com
Protocol
HTTP/1.1
Server
192.3.73.158 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
192-3-73-158-host.colocrossing.com
Software
Microsoft-IIS/8.5 /
Resource Hash
710166016dd95afea72310f98aab2ee5a7ba37407435cfc8a2078903bcb1e647

Request headers

Host
sites.foi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html
Server
Microsoft-IIS/8.5
Set-Cookie
ASPSESSIONIDAATCSRBS=COPJGPFBFJMPOBKHOMMGHJHI; path=/
Date
Sat, 17 Jul 2021 15:20:18 GMT
Content-Length
1176

Redirect headers

date
Sat, 17 Jul 2021 15:20:19 GMT
content-type
text/html
cache-control
private
location
http://sites.foi.com/sites.asp?domain=userhistory.com
set-cookie
ASPSESSIONIDAATCSRBS=BOPJGPFBJIJINEKJJECIIMPA; path=/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9keLMTjUpa9T%2Fq6CgvG4ldMuROf3ykS9kgCMOL5ZFHtwV6ibm7GPWaTwRpVe8VLEfW9GjcToAfM5W%2F%2FkDedraO6enlZ6sWumdvwPplAbIZs0vTHX57A9odzxf5J%2BzuzDcYjlCrJvic5Xbe0DlY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6704741e0f41175e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sites.foi.com
URL: http://sites.foi.com/sites.asp?domain=userhistory.com
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40c87e63f419b5d4b32027a041a8df1a95ebf82c92b3ebd10487810849678cc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sites.foi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sat, 17 Jul 2021 15:20:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
10219626641375988758
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
48398
X-XSS-Protection
0
Expires
Sat, 17 Jul 2021 15:20:19 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/ 		244 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7937237412689947&plah=sites.foi.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sites.foi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 15:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92395
x-xss-protection
0
server
cafe
etag
7826786853314341384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 17 Jul 2021 15:20:19 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/ Frame 3286 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210712/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://sites.foi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://sites.foi.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 17 Jul 2021 03:29:55 GMT
expires
Sat, 31 Jul 2021 03:29:55 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
42624
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		197 B
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=sites.foi.com&callback=_gfp_s_&client=ca-pub-7937237412689947
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7937237412689947&plah=sites.foi.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
a1cde97a3727bf67de6420c7c2f8a45f04b0c1f522c61efd889a37c88431dd96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sites.foi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 15:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sites.foi.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7937237412689947&plah=sites.foi.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sites.foi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Jul 2021 15:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sites.foi.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7937237412689947&plah=sites.foi.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sites.foi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Jul 2021 15:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 995E 		430 B
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=1645738987&adf=407486717&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219483&bpp=5&bdt=61&idt=77&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=5830774249997&frm=20&pv=2&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=T9OxAvdP8s&p=http%3A//sites.foi.com&dtd=94
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7937237412689947&plah=sites.foi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62c5009514b26c66465ac94688377336510ca5b5c584965c5ae7b23536189d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=1645738987&adf=407486717&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219483&bpp=5&bdt=61&idt=77&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=5830774249997&frm=20&pv=2&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=T9OxAvdP8s&p=http%3A//sites.foi.com&dtd=94
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://sites.foi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://sites.foi.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 17 Jul 2021 15:20:20 GMT
server
cafe
content-length
207
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 17-Jul-2021 15:35:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 17 Jul 2021 15:20:20 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7937237412689947&plah=sites.foi.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sites.foi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 15:20:19 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626434913869424"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28061
x-xss-protection
0
expires
Sat, 17 Jul 2021 15:20:19 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 13E0 		164 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7937237412689947&plah=sites.foi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3645c5e6967da3d7e56c227cdcd294e9c1487d556c69e9f804021e9841c984a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://sites.foi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://sites.foi.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-expose-headers
x-google-amp-ad-validated-version
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 17 Jul 2021 15:20:20 GMT
server
cafe
content-length
23161
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 17-Jul-2021 15:35:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 17 Jul 2021 15:20:20 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 3DC9 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&adk=1812271804&adf=3025194257&lmt=1626535219&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&ea=0&flash=0&pra=7&wgl=1&dt=1626535219503&bpp=2&bdt=81&idt=84&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&nras=1&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=88
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7937237412689947&plah=sites.foi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7937237412689947&output=html&adk=1812271804&adf=3025194257&lmt=1626535219&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&ea=0&flash=0&pra=7&wgl=1&dt=1626535219503&bpp=2&bdt=81&idt=84&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&nras=1&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=88
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://sites.foi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://sites.foi.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 17 Jul 2021 15:20:19 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 17-Jul-2021 15:35:19 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 17 Jul 2021 15:20:19 GMT
cache-control
private
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012106212012000/ Frame 13E0 		188 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e872cbf02c8b399de0bc02a3120c525d1397d73e6fe9b396ddb9fb8ca645421f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
98183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55206
x-xss-protection
0
server
sffe
date
Fri, 16 Jul 2021 12:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e7b47afdadb9c9"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Jul 2022 12:03:57 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012106212012000/v0/ Frame 13E0 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012106212012000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42c0019ac2f32d24160ef9f53853c7caeb65ea3b21bcbcd8e3b90a5a230dfba4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
98184
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4815
x-xss-protection
0
server
sffe
date
Fri, 16 Jul 2021 12:03:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9c6d4b511682de4a"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Jul 2022 12:03:56 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012106212012000/v0/ Frame 13E0 		86 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012106212012000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac42f28820c1a06584cf80f69fc888b8d19d7b87197bef5ea6ea355b712df62c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
98184
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27658
x-xss-protection
0
server
sffe
date
Fri, 16 Jul 2021 12:03:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"89763648e638c628"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Jul 2022 12:03:56 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012106212012000/v0/ Frame 13E0 		71 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012106212012000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb881ad28cd027cf3d912ca2a5f9ba9333484d1e747d2ff8e76506c8fd62ae99
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
98110
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16640
x-xss-protection
0
server
sffe
date
Fri, 16 Jul 2021 12:05:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b02f0c672db8c610"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Jul 2022 12:05:10 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012106212012000/v0/ Frame 13E0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012106212012000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48f9695743d1ea7156fe612eb25beb3be6ca81d94a30891b848d0177137dfaa6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
98184
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1490
x-xss-protection
0
server
sffe
date
Fri, 16 Jul 2021 12:03:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e9b373dc53e7b532"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Jul 2022 12:03:56 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012106212012000/v0/ Frame 13E0 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012106212012000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e54b897cb477a0ce61dc7c6900e1c57a4f127c24716662b84313be238e0f7abb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
98184
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12852
x-xss-protection
0
server
sffe
date
Fri, 16 Jul 2021 12:03:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"432397294f345717"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Jul 2022 12:03:56 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 13E0 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Jul 2021 15:34:33 GMT
x-content-type-options
nosniff
server
cafe
age
85547
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 17 Jul 2021 15:34:33 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 13E0 		295 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Jul 2021 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
age
9767
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 18 Jul 2021 12:37:33 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 13E0 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C8zjJM_XyYLTUJJmP1gbTh7OIBamgusFjxPLOmKAOzoWhyvYBEAEguo6xB2CVAqABhqv9_QPIAQmoAwHIAwiqBNYBT9C0ozg2iopVEg-NTMw7h-GbcC1kffhIbtRFBe2U_iHfCn30UGvhpbFPu1iJmJ-zFvpJudr3wkdJm5dEYXClSIHi7sCq3RWKa6BI9CVlgLIh12R2Yj5AZfzu5eBqUvMpbcl-4fr1g-3gnhKptRtjztcB2Xf4Vl6IiEsbnKtNQ0mcxcoYrC1_0SKtwPu66DRpb_3HhIAsd25i0ihTPv44lnNb7KEADrHA0-jt_D1lWn-FXFeimgd-4AiYItfwJAKZ3R467jJ4jcpIMjLKl6mDGp6Wm-VT3sAE9YvT28QDkgUECAQYAZIFBAgFGASgBi6AB-LUggKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQh9sO0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshcaChgIABIUcHViLTc5MzcyMzc0MTI2ODk5NDc&sigh=4W6FxqzAKwg&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 17 Jul 2021 15:20:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 17 Jul 2021 15:20:20 GMT
bg_064107716.svg
tpc.googlesyndication.com/sadbundle/14424985769674110239/images/ Frame 13E0 		677 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14424985769674110239/images/bg_064107716.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7246ad9c53d7accd3d4b58d4a8d98146f685a34a6375ce4f79f092caeeedcb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 18:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
359
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 15:19:35 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 18:17:38 GMT
item_194730272.png
tpc.googlesyndication.com/sadbundle/14424985769674110239/images/ Frame 13E0 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14424985769674110239/images/item_194730272.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d6989aeb7737782a2b737ef9d5abd8915fa8ec128b75b1ee6185bab307fc4aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 18:17:38 GMT
x-content-type-options
nosniff
age
334962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4709
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 15:19:35 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 18:17:38 GMT
title_689152241.svg
tpc.googlesyndication.com/sadbundle/14424985769674110239/images/ Frame 13E0 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14424985769674110239/images/title_689152241.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73ffb39807c58bc64e742d3dd0ab81083ea154cb96b5118f64a2753d56995733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 18:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5692
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 15:19:35 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 18:17:38 GMT
subtitle_523640088.svg
tpc.googlesyndication.com/sadbundle/14424985769674110239/images/ Frame 13E0 		25 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14424985769674110239/images/subtitle_523640088.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87a9630e89f1054ece19d895f190c4ab5067ba3b58d4beaedcc1fe0f501d7132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 18:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7042
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 15:19:35 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 18:17:38 GMT
button_977597088.svg
tpc.googlesyndication.com/sadbundle/14424985769674110239/images/ Frame 13E0 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14424985769674110239/images/button_977597088.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b5086ae0d649646a4df91ea2e0584930f7152d8fb629080d1f6079183ea21c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 18:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2047
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 15:19:35 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 18:17:38 GMT
logo-full_740875344.svg
tpc.googlesyndication.com/sadbundle/14424985769674110239/images/ Frame 13E0 		2 KB
959 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14424985769674110239/images/logo-full_740875344.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4493ff1f2ebef82e57b0fb344ed1f1dba6072475a05b32727ffbf09a4095bcf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 18:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
894
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 15:19:35 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 18:17:38 GMT
group-5_664479773.svg
tpc.googlesyndication.com/sadbundle/14424985769674110239/images/ Frame 13E0 		24 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14424985769674110239/images/group-5_664479773.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c539c9e6f690adf03c2e5716790e535006a178412f7711bc177c0444ea983b21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 18:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334692
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7772
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 15:19:35 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 18:22:08 GMT
truncated
/ Frame 13E0 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df5f8fff9474466050f7aae54d349f6a13e9d68ebb72fac7d35ff751771fc47a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012106212012000/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012106212012000/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7937237412689947&plah=sites.foi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1cdab1e445e687adc9240832f063829296afc3165aba1958213f3163027a8b6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sites.foi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
382081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7366
x-xss-protection
0
server
sffe
date
Tue, 13 Jul 2021 05:12:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7145e499bf1cae68"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 05:12:19 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 13E0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Jul 2021 15:34:33 GMT
x-content-type-options
nosniff
server
cafe
age
85547
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 17 Jul 2021 15:34:33 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 13E0 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Jul 2021 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
age
9767
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 18 Jul 2021 12:37:33 GMT
bg_064107716.svg
tpc.googlesyndication.com/sadbundle/14424985769674110239/images/ Frame 13E0 		677 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14424985769674110239/images/bg_064107716.svg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7246ad9c53d7accd3d4b58d4a8d98146f685a34a6375ce4f79f092caeeedcb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 18:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
359
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 15:19:35 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 18:17:38 GMT
item_194730272.png
tpc.googlesyndication.com/sadbundle/14424985769674110239/images/ Frame 13E0 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14424985769674110239/images/item_194730272.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d6989aeb7737782a2b737ef9d5abd8915fa8ec128b75b1ee6185bab307fc4aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 18:17:38 GMT
x-content-type-options
nosniff
age
334962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4709
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 15:19:35 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 18:17:38 GMT
title_689152241.svg
tpc.googlesyndication.com/sadbundle/14424985769674110239/images/ Frame 13E0 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14424985769674110239/images/title_689152241.svg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73ffb39807c58bc64e742d3dd0ab81083ea154cb96b5118f64a2753d56995733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 18:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5692
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 15:19:35 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 18:17:38 GMT
subtitle_523640088.svg
tpc.googlesyndication.com/sadbundle/14424985769674110239/images/ Frame 13E0 		25 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14424985769674110239/images/subtitle_523640088.svg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87a9630e89f1054ece19d895f190c4ab5067ba3b58d4beaedcc1fe0f501d7132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 18:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7042
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 15:19:35 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 18:17:38 GMT
button_977597088.svg
tpc.googlesyndication.com/sadbundle/14424985769674110239/images/ Frame 13E0 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14424985769674110239/images/button_977597088.svg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b5086ae0d649646a4df91ea2e0584930f7152d8fb629080d1f6079183ea21c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 18:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2047
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 15:19:35 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 18:17:38 GMT
logo-full_740875344.svg
tpc.googlesyndication.com/sadbundle/14424985769674110239/images/ Frame 13E0 		2 KB
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14424985769674110239/images/logo-full_740875344.svg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4493ff1f2ebef82e57b0fb344ed1f1dba6072475a05b32727ffbf09a4095bcf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 18:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
894
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 15:19:35 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 18:17:38 GMT
group-5_664479773.svg
tpc.googlesyndication.com/sadbundle/14424985769674110239/images/ Frame 13E0 		24 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14424985769674110239/images/group-5_664479773.svg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c539c9e6f690adf03c2e5716790e535006a178412f7711bc177c0444ea983b21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 18:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334692
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7772
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 15:19:35 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 18:22:08 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210712&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7937237412689947&plah=sites.foi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3398ec5f63155b652786a54c74c1de51a4b32c3c4108714b8b8995dbeef2d0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sites.foi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Jul 2021 15:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8527
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7937237412689947&plah=sites.foi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sites.foi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 15:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Sat, 17 Jul 2021 15:20:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D31C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://sites.foi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://sites.foi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Sat, 17 Jul 2021 15:13:47 GMT
expires
Sun, 17 Jul 2022 15:13:47 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
393
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 565D 		783 B
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8262e5f4dd69540783ec0898f56156fa7b4ca40e236037aa257f954694a55238
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JGcRGfpmV4VlYxe9JKauyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://sites.foi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://sites.foi.com/

Response headers

expires
Sat, 17 Jul 2021 15:20:20 GMT
date
Sat, 17 Jul 2021 15:20:20 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-JGcRGfpmV4VlYxe9JKauyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
_htgYqD-D_hqupanZs0dgoAXJAmF8Earzw--3TVapKE.js
pagead2.googlesyndication.com/bg/ Frame D31C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_htgYqD-D_hqupanZs0dgoAXJAmF8Earzw--3TVapKE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe1b6062a0fe0ff86aba96a766cd1d828017240985f046abcf0fbedd355aa4a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 15:58:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
84123
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13252
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 09:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Jul 2022 15:58:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210712&jk=3171336237684779&bg=!f3ylfDjNAAZjFomlYxY7ACkAdvg8Wsf51djGNWAW1o6Iwfo7mGLmcIZW1vYwsKWN8MICQ5iDgthgAgIAAAB0UgAAAA1oAQeZAnsmyuHAQIKJnk4-p37AKMoaPlYB8Jz9FmL6gdgNst9FnlpiYp7hqCTQscXuQ0L3hX0RSbJSBWHvYz3BVpibxuujBkdPlo-W_Bhq9uarbjtTomYidliBdTP3BTB8AHMCVbLIuIKTjB1y9cxaLxrjGIdB-wp6xArd7lj6OfLkcrldam_5iu-0lqnCGPmA5Wsm-8khQgEdoeyGq7-UXZ0KqJ0JwG7kLsYpVWus_f6EotkPCPtcWEkQduyRltKNvtESc8t3yeYIusJdhQTRWfqInSHV2qhxXJK5dOIyaMfMYoe9parjugR6ADVxbkKB1jSve2ZLPlk3YMIfrXvL2d6iZrEBnBGkTLrEqAG4KPt2WCooyHhvmEg52DdjsrxC2I4tf2P3jOV3nz0KQQQaWGqBPKz54jxUu4PkXQ2jl85N8hODOe_5YfiXT5RU1BQ7zxWzrGpNuwN5XyC1qO_PuYoSma4cOboDUF8ZcwrU8f75A2sOaI7ujHO0EfhIy2y3Pnvzm47PHFe-1H_7DE6XWq58pc74scCQOsYR-VRQJ0imNQUV_aox9dRdS4WFqoDixQFexqmotu8DtL-jnhmhicsViQN1qyqwYqWZ0UyVq0sWu2gb7WzSCxIyvWS2Xi-GcRykPXbBPHGBUYbyXib5bEcEnIvODyGm-ZR-0uGhYyxqaZxbkNFZobhlxh64kCzf7SIUH4aPked8BylAf7djKqYd4NEO4XHKSbfYZvAO454qzG2egaeUxkETTVgtsObjpkyaAKY0Eb67yEQVOoAbCkJAymxJFXP3lqjZf8XXvr-e0ychSvJ2OdOXcy4Y6PhS00PZ_y09126yIvxmu0K8tw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sites.foi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 15:20:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 13E0 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv82YUyzfwnkbnUTTg5_KnfhqlJvKIQsvF8xfFNwHuouQvete6jDYKSORV8iwhfMRg1WowwtgHeas-kQdyEg4AJk5OhIbzKAF921Co81xOGpYqcw5POuNOz4bJ5QA&sai=AMfl-YRhTd4TimdLrplO0BzfjG4T142fai__G0Wi8krloNCJ3emjcngEoBCCvIXXFOtTf0aCDU3FPpGQ3cks&sig=Cg0ArKJSzHpkCcjBUlJQEAE&id=ampim&o=436,365&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=103&tls=1103&g=100&h=100&tt=1104&r=v&avms=ampa&adk=2032601290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 15:20:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_persistent_state_async function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUlED7QcEG5N4dIz2n0mNtDDoiAaqGPlwFD_a_V9hLyct_qt2RQQPGiMegpF8Bk
.foi.com/ Name: __gads
Value: ID=10b479fddb140dee-225381a16dc9001b:T=1626535219:RT=1626535219:S=ALNI_MYuPWXxrrQsUWGL-PrYJwFSqmwYyQ
sites.foi.com/ Name: ASPSESSIONIDAATCSRBS
Value: COPJGPFBFJMPOBKHOMMGHJHI

1 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2106212012000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937237412689947&output=html&h=90&slotname=1320099391&adk=2032601290&adf=1940557669&pi=t.ma~as.1320099391&w=728&lmt=1626535219&psa=0&format=728x90&url=http%3A%2F%2Fsites.foi.com%2Fsites.asp%3Fdomain%3Duserhistory.com&flash=0&wgl=1&dt=1626535219488&bpp=1&bdt=66&idt=95&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5830774249997&frm=20&pv=1&ga_vid=1623479990.1626535220&ga_sid=1626535220&ga_hid=880275422&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060973%2C31061745%2C21065724&oid=2&pvsid=3171336237684779&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PKeu5GZfb8&p=http%3A//sites.foi.com&dtd=97

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.ampproject.org
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
sites.foi.com
tpc.googlesyndication.com
userhistory.com
www.google.com
www.googletagservices.com
142.250.74.194
192.3.73.158
2606:4700:3035::6815:10f4
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
3398ec5f63155b652786a54c74c1de51a4b32c3c4108714b8b8995dbeef2d0b1
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
40c87e63f419b5d4b32027a041a8df1a95ebf82c92b3ebd10487810849678cc8
42c0019ac2f32d24160ef9f53853c7caeb65ea3b21bcbcd8e3b90a5a230dfba4
4493ff1f2ebef82e57b0fb344ed1f1dba6072475a05b32727ffbf09a4095bcf2
48f9695743d1ea7156fe612eb25beb3be6ca81d94a30891b848d0177137dfaa6
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5b5086ae0d649646a4df91ea2e0584930f7152d8fb629080d1f6079183ea21c6
62c5009514b26c66465ac94688377336510ca5b5c584965c5ae7b23536189d5a
710166016dd95afea72310f98aab2ee5a7ba37407435cfc8a2078903bcb1e647
73ffb39807c58bc64e742d3dd0ab81083ea154cb96b5118f64a2753d56995733
7d6989aeb7737782a2b737ef9d5abd8915fa8ec128b75b1ee6185bab307fc4aa
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8262e5f4dd69540783ec0898f56156fa7b4ca40e236037aa257f954694a55238
87a9630e89f1054ece19d895f190c4ab5067ba3b58d4beaedcc1fe0f501d7132
a1cde97a3727bf67de6420c7c2f8a45f04b0c1f522c61efd889a37c88431dd96
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ac42f28820c1a06584cf80f69fc888b8d19d7b87197bef5ea6ea355b712df62c
c1cdab1e445e687adc9240832f063829296afc3165aba1958213f3163027a8b6
c3645c5e6967da3d7e56c227cdcd294e9c1487d556c69e9f804021e9841c984a
c539c9e6f690adf03c2e5716790e535006a178412f7711bc177c0444ea983b21
d7246ad9c53d7accd3d4b58d4a8d98146f685a34a6375ce4f79f092caeeedcb4
df5f8fff9474466050f7aae54d349f6a13e9d68ebb72fac7d35ff751771fc47a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54b897cb477a0ce61dc7c6900e1c57a4f127c24716662b84313be238e0f7abb
e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe
e872cbf02c8b399de0bc02a3120c525d1397d73e6fe9b396ddb9fb8ca645421f
eb881ad28cd027cf3d912ca2a5f9ba9333484d1e747d2ff8e76506c8fd62ae99
ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe1b6062a0fe0ff86aba96a766cd1d828017240985f046abcf0fbedd355aa4a1