www.tipsfound.com Open in urlscan Pro
104.41.186.103 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tipsfound.com/excel/01308
Submission: On May 13 via manual (May 13th 2020, 8:04:55 am UTC) from SK

Summary HTTP 23 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 23 HTTP transactions. The main IP is 104.41.186.103, located in Tokyo, Japan and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.tipsfound.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 27th 2020. Valid for: 3 months.

This is the only time www.tipsfound.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.41.186.103 104.41.186.103	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
5	152.195.133.137 152.195.133.137	15133 (EDGECAST) (EDGECAST)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
23	7

1 104.41.186.103 (Tokyo, Japan)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.tipsfound.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.195.133.137 (United States)

ASN15133 (EDGECAST, US)

c.tipsfound.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	131 KB
6	tipsfound.com www.tipsfound.com c.tipsfound.com	29 KB
5	doubleclick.net googleads.g.doubleclick.net
2	google-analytics.com www.google-analytics.com	18 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	168 B
1	google.de adservice.google.de	168 B
1	googletagmanager.com www.googletagmanager.com	30 KB
23	8

	Domain	Requested by
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	c.tipsfound.com	www.tipsfound.com
4	pagead2.googlesyndication.com	www.tipsfound.com pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.tipsfound.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.tipsfound.com
1	www.tipsfound.com
23	10

This site contains links to these domains. Also see Links.

Domain
c.tipsfound.com
twitter.com
www.facebook.com
getpocket.com
line.me
b.hatena.ne.jp

Subject Issuer	Validity	Valid
www.tipsfound.com Let's Encrypt Authority X3	`2020-04-27` - `2020-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
sa163gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2018-06-11` - `2020-09-13`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.tipsfound.com/excel/01308
Frame ID: 2FA1D3D7873BDC2B40B3ABD432F813DB
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200506/r20190131/zrt_lookup.html
Frame ID: EEA9E49E3099D36E1B8BE61CA29AC1BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2563223781312003&output=html&h=90&slotname=8726391409&adk=1379238500&adf=2967676697&w=728&fwrn=4&fwrnh=100&lmt=1589357065&rafmt=2&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&adsid=NT&dt=1589357064943&bpp=15&bdt=223&idt=85&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7899367136651&frm=20&pv=2&ga_vid=828024686.1589357065&ga_sid=1589357065&ga_hid=2062544510&ga_fc=0&iag=0&icsg=131754&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=205&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085%2C44716866&oid=3&pvsid=4130170531412259&pem=932&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4CyALkxvDQ&p=https%3A//www.tipsfound.com&dtd=103
Frame ID: 2AC66D5D2BF422EDB67E63BC27DA4BA3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2563223781312003&output=html&h=280&slotname=5074921000&adk=3088230145&adf=3706330446&w=728&fwrn=4&fwrnh=100&lmt=1589357065&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=728x280&url=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1589357064958&bpp=3&bdt=237&idt=98&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7899367136651&frm=20&pv=1&ga_vid=828024686.1589357065&ga_sid=1589357065&ga_hid=2062544510&ga_fc=0&iag=0&icsg=656042&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1914&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085%2C44716866&oid=3&pvsid=4130170531412259&pem=932&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4VdjPU1Kla&p=https%3A//www.tipsfound.com&dtd=102
Frame ID: AC183CC19E7B28D4030142934FA6BA30
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2563223781312003&output=html&h=420&slotname=3918688279&adk=3752367161&adf=383732597&w=700&cr_col=4&cr_row=2&fwrn=2&lmt=1589357065&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&format=700x420&url=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1589357064961&bpp=1&bdt=240&idt=105&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x280&correlator=7899367136651&frm=20&pv=1&ga_vid=828024686.1589357065&ga_sid=1589357065&ga_hid=2062544510&ga_fc=0&iag=0&icsg=656042&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=3602&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085%2C44716866&oid=3&pvsid=4130170531412259&pem=932&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=HonLwUkT95&p=https%3A//www.tipsfound.com&dtd=108
Frame ID: 8F1B46A60E57FCEBC48E61495EAF99AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2563223781312003&output=html&adk=1812271804&adf=3025194257&lmt=1589357065&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1589357064962&bpp=1&bdt=242&idt=112&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x280%2C700x420&nras=1&correlator=7899367136651&frm=20&pv=1&ga_vid=828024686.1589357065&ga_sid=1589357065&ga_hid=2062544510&ga_fc=0&iag=0&icsg=656042&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085%2C44716866&oid=3&pvsid=4130170531412259&pem=932&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=3&uci=a!3&fsb=1&dtd=120
Frame ID: B9FCA2F32161BD1B43E645DB4D4223EC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 78F0A812D7CC938DE83854B473113967
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

23
Requests

100 %
HTTPS

71 %
IPv6

8
Domains

10
Subdomains

7
IPs

3
Countries

236 kB
Transfer

616 kB
Size

5
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://c.tipsfound.com/excel/01308/13.png

Search URL Search Domain Scan URL

URL: https://c.tipsfound.com/excel/01308/14.png

Search URL Search Domain Scan URL

URL: https://c.tipsfound.com/excel/01308/15.png

Search URL Search Domain Scan URL

URL: https://c.tipsfound.com/excel/01308/16.png

Search URL Search Domain Scan URL

URL: https://c.tipsfound.com/excel/01308/17.png

Search URL Search Domain Scan URL

URL: https://c.tipsfound.com/excel/01308/18.png

Search URL Search Domain Scan URL

URL: https://c.tipsfound.com/excel/01308/19.png

Search URL Search Domain Scan URL

URL: https://c.tipsfound.com/excel/01308/20.png

Search URL Search Domain Scan URL

URL: https://c.tipsfound.com/excel/01308/21.png

Search URL Search Domain Scan URL

URL: https://c.tipsfound.com/excel/01308/22.png

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308&text=%E3%82%A8%E3%82%AF%E3%82%BB%E3%83%AB%20%E5%88%A5%E3%82%B7%E3%83%BC%E3%83%88%E3%82%92%E5%8F%82%E7%85%A7%EF%BC%88%E3%83%AA%E3%83%B3%E3%82%AF%EF%BC%89%E3%81%99%E3%82%8B&tw_p=tweetbutton&url=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308&title=%E3%82%A8%E3%82%AF%E3%82%BB%E3%83%AB%20%E5%88%A5%E3%82%B7%E3%83%BC%E3%83%88%E3%82%92%E5%8F%82%E7%85%A7%EF%BC%88%E3%83%AA%E3%83%B3%E3%82%AF%EF%BC%89%E3%81%99%E3%82%8B

Search URL Search Domain Scan URL

URL: https://line.me/R/msg/text/?%E3%82%A8%E3%82%AF%E3%82%BB%E3%83%AB%20%E5%88%A5%E3%82%B7%E3%83%BC%E3%83%88%E3%82%92%E5%8F%82%E7%85%A7%EF%BC%88%E3%83%AA%E3%83%B3%E3%82%AF%EF%BC%89%E3%81%99%E3%82%8B%0D%0Ahttps%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/add?mode=confirm&url=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308&title=%E3%82%A8%E3%82%AF%E3%82%BB%E3%83%AB%20%E5%88%A5%E3%82%B7%E3%83%BC%E3%83%88%E3%82%92%E5%8F%82%E7%85%A7%EF%BC%88%E3%83%AA%E3%83%B3%E3%82%AF%EF%BC%89%E3%81%99%E3%82%8B

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 01308 Show response
www.tipsfound.com/excel/ 51 KB
15 KB 1092ms
247ms Document
text/html 104.41.186.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tipsfound.com/excel/01308
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.41.186.103 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b0af0b101c015267e4afb0c58f0b1027061e517dbd271eb9d040f9704569e061

Request headers

:method: GET
:authority: www.tipsfound.com
:scheme: https
:path: /excel/01308
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
cache-control: private
content-length: 15355
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 13 May 2020 08:04:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 81 KB
30 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31946232-1

Requested by

Host: www.tipsfound.com
URL: https://www.tipsfound.com/excel/01308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32a3648a8898469cdd57f77f580e688bd7411e761e2470016abad9968948def7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tipsfound.com/excel/01308
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 08:04:24 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30431
x-xss-protection: 0
last-modified: Wed, 13 May 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 May 2020 08:04:24 GMT

GET
H2 200 sitem-10.js Show response
c.tipsfound.com/content/ 12 KB
5 KB 474ms
18ms Script
application/javascript 152.195.133.137
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tipsfound.com/content/sitem-10.js
Requested by: Host: www.tipsfound.com
URL: https://www.tipsfound.com/excel/01308
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.133.137 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amb/6AA1) /
Resource Hash: b5e66362b7a28244d07d1a60814f3208abebd72e4b77425e34641146b139baeb

Request headers

Referer: https://www.tipsfound.com/excel/01308
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 May 2020 08:04:25 GMT
content-encoding: gzip
content-md5: EkASrSSUVGNevsjKsGS2Bw==
age: 28596006
x-cache: HIT
status: 200
content-length: 4515
x-ms-lease-status: unlocked
last-modified: Fri, 12 Apr 2019 00:05:21 GMT
server: ECAcc (amb/6AA1)
etag: 0x8D6BEDA8DD5927F
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 60ae08d2-601e-0048-15e8-24f338000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
38 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.tipsfound.com
URL: https://www.tipsfound.com/excel/01308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54cb9644984e6b1bf82e3379f19ddc7c90cf1e7eb299b42b9172f03f4385f10d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tipsfound.com/excel/01308
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 08:04:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 39222
x-xss-protection: 0
server: cafe
etag: 9768837175657944145
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 13 May 2020 08:04:24 GMT

GET
H2 200 13.png
c.tipsfound.com/excel/01308/ 3 KB
3 KB 472ms
19ms Image
image/png 152.195.133.137
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tipsfound.com/excel/01308/13.png
Requested by: Host: www.tipsfound.com
URL: https://www.tipsfound.com/excel/01308
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.133.137 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amb/6B45) /
Resource Hash: cf411db50e5639f9709b40317a988c664e19c711f82c97c09fdafa38be8e3aec

Request headers

Referer: https://www.tipsfound.com/excel/01308
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 May 2020 08:04:25 GMT
content-md5: hR+5zNlx8fGddPKs35Whvg==
age: 191196
x-cache: HIT
status: 200
content-length: 2956
x-ms-lease-status: unlocked
last-modified: Fri, 30 Mar 2018 23:20:00 GMT
server: ECAcc (amb/6B45)
etag: 0x8D59694C2A5E369
content-type: image/png
x-ms-request-id: ac42fc80-701e-008f-6b3f-276765000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 14.png
c.tipsfound.com/excel/01308/ 2 KB
2 KB 480ms
27ms Image
image/png 152.195.133.137
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tipsfound.com/excel/01308/14.png
Requested by: Host: www.tipsfound.com
URL: https://www.tipsfound.com/excel/01308
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.133.137 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amb/6AD3) /
Resource Hash: 19500a32edf2e3c9d24b48aac7f12b49459ef48ec4683d1a04a9c2e0129ec5e9

Request headers

Referer: https://www.tipsfound.com/excel/01308
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 May 2020 08:04:25 GMT
content-md5: ONv0npk/PO+vUHlHQtyl7A==
age: 191196
x-cache: HIT
status: 200
content-length: 2340
x-ms-lease-status: unlocked
last-modified: Fri, 30 Mar 2018 23:20:00 GMT
server: ECAcc (amb/6AD3)
etag: 0x8D59694C2B302E7
content-type: image/png
x-ms-request-id: c0a1ce1d-f01e-0091-1d3f-278bbd000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 15.png
c.tipsfound.com/excel/01308/ 3 KB
3 KB 473ms
20ms Image
image/png 152.195.133.137
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tipsfound.com/excel/01308/15.png
Requested by: Host: www.tipsfound.com
URL: https://www.tipsfound.com/excel/01308
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.133.137 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amb/6B5E) /
Resource Hash: 78fd6d57f860c6b703c2aad330fa1d6ff50a3c59723a6478a2d80e1014cdbb31

Request headers

Referer: https://www.tipsfound.com/excel/01308
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 May 2020 08:04:25 GMT
content-md5: TXId5mPfhVqAIOvVXOES9w==
age: 191196
x-cache: HIT
status: 200
content-length: 3031
x-ms-lease-status: unlocked
last-modified: Fri, 30 Mar 2018 23:20:00 GMT
server: ECAcc (amb/6B5E)
etag: 0x8D59694C2C0E5B6
content-type: image/png
x-ms-request-id: 6dab1c6a-c01e-001c-073f-27bc6f000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 b.gif
c.tipsfound.com/content/ 43 B
335 B 470ms
17ms Image
image/gif 152.195.133.137
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tipsfound.com/content/b.gif
Requested by: Host: www.tipsfound.com
URL: https://www.tipsfound.com/excel/01308
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.133.137 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amb/6AF5) /
Resource Hash: 546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Request headers

Referer: https://www.tipsfound.com/excel/01308
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 May 2020 08:04:25 GMT
content-md5: DSPQtikIt16JAUrD+GRITg==
age: 18242351
x-cache: HIT
status: 200
content-length: 43
x-ms-lease-status: unlocked
last-modified: Wed, 06 Jan 2016 00:54:57 GMT
server: ECAcc (amb/6AF5)
etag: 0x8D31633FF3886D1
content-type: image/gif
x-ms-request-id: 05eb0a87-f01e-0065-3c13-83404b000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31946232-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tipsfound.com/excel/01308
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 4085
date: Wed, 13 May 2020 06:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Wed, 13 May 2020 08:56:19 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 14ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tipsfound.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tipsfound.com/excel/01308
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 May 2020 08:04:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tipsfound.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tipsfound.com/excel/01308
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 May 2020 08:04:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/ 217 KB
82 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4008c399421c2f1282faf06b2631a925629c9fb9bdfa56b972bb8754d829be47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tipsfound.com/excel/01308
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 08:04:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83827
x-xss-protection: 0
server: cafe
etag: 14851109439880523126
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 May 2020 08:04:24 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200506/r20190131/ Frame EEA9 0
0 6ms
5ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200506/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200506/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tipsfound.com/excel/01308
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.tipsfound.com/excel/01308

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 13 May 2020 03:49:23 GMT
expires: Wed, 27 May 2020 03:49:23 GMT
content-type: text/html; charset=UTF-8
etag: 4094386822458569044
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4444
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 15301
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 14ms
13ms Image
image/gif 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2062544510&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308&ul=en-us&de=UTF-8&dt=%E3%82%A8%E3%82%AF%E3%82%BB%E3%83%AB%20%E5%88%A5%E3%82%B7%E3%83%BC%E3%83%88%E3%82%92%E5%8F%82%E7%85%A7%EF%BC%88%E3%83%AA%E3%83%B3%E3%82%AF%EF%BC%89%E3%81%99%E3%82%8B&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1996202732&gjid=1220882057&cid=828024686.1589357065&tid=UA-31946232-1&_gid=1960865343.1589357065&_r=1&gtm=2ou4t0&z=697248525

Requested by

Host: www.tipsfound.com
URL: https://www.tipsfound.com/excel/01308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tipsfound.com/excel/01308
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 May 2020 08:04:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2AC6 0
0 209ms
209ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2563223781312003&output=html&h=90&slotname=8726391409&adk=1379238500&adf=2967676697&w=728&fwrn=4&fwrnh=100&lmt=1589357065&rafmt=2&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&adsid=NT&dt=1589357064943&bpp=15&bdt=223&idt=85&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7899367136651&frm=20&pv=2&ga_vid=828024686.1589357065&ga_sid=1589357065&ga_hid=2062544510&ga_fc=0&iag=0&icsg=131754&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=205&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085%2C44716866&oid=3&pvsid=4130170531412259&pem=932&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4CyALkxvDQ&p=https%3A//www.tipsfound.com&dtd=103

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2563223781312003&output=html&h=90&slotname=8726391409&adk=1379238500&adf=2967676697&w=728&fwrn=4&fwrnh=100&lmt=1589357065&rafmt=2&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&adsid=NT&dt=1589357064943&bpp=15&bdt=223&idt=85&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7899367136651&frm=20&pv=2&ga_vid=828024686.1589357065&ga_sid=1589357065&ga_hid=2062544510&ga_fc=0&iag=0&icsg=131754&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=205&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085%2C44716866&oid=3&pvsid=4130170531412259&pem=932&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4CyALkxvDQ&p=https%3A//www.tipsfound.com&dtd=103
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tipsfound.com/excel/01308
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.tipsfound.com/excel/01308

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 13 May 2020 08:04:25 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 13-May-2020 08:19:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 13 May 2020 08:04:25 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e223a9b6ca50d8611d022c3ae4ecee30c87264115ac1e701a0c85de6b3295dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tipsfound.com/excel/01308
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 08:04:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1589234555757598"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27795
x-xss-protection: 0
expires: Wed, 13 May 2020 08:04:25 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame AC18 0
0 333ms
333ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2563223781312003&output=html&h=280&slotname=5074921000&adk=3088230145&adf=3706330446&w=728&fwrn=4&fwrnh=100&lmt=1589357065&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=728x280&url=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1589357064958&bpp=3&bdt=237&idt=98&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7899367136651&frm=20&pv=1&ga_vid=828024686.1589357065&ga_sid=1589357065&ga_hid=2062544510&ga_fc=0&iag=0&icsg=656042&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1914&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085%2C44716866&oid=3&pvsid=4130170531412259&pem=932&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4VdjPU1Kla&p=https%3A//www.tipsfound.com&dtd=102

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIvVpLqwsOkCFVmvewodF4QJ-A&gqi=Caq7Xu6XBJmWgQerlbDYCg&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2563223781312003&output=html&h=280&slotname=5074921000&adk=3088230145&adf=3706330446&w=728&fwrn=4&fwrnh=100&lmt=1589357065&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=728x280&url=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1589357064958&bpp=3&bdt=237&idt=98&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7899367136651&frm=20&pv=1&ga_vid=828024686.1589357065&ga_sid=1589357065&ga_hid=2062544510&ga_fc=0&iag=0&icsg=656042&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1914&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085%2C44716866&oid=3&pvsid=4130170531412259&pem=932&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4VdjPU1Kla&p=https%3A//www.tipsfound.com&dtd=102
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tipsfound.com/excel/01308
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.tipsfound.com/excel/01308

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIvVpLqwsOkCFVmvewodF4QJ-A&gqi=Caq7Xu6XBJmWgQerlbDYCg&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 13 May 2020 08:04:25 GMT
server: cafe
content-length: 23548
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 13-May-2020 08:19:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 13 May 2020 08:04:25 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8F1B 0
0 284ms
283ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2563223781312003&output=html&h=420&slotname=3918688279&adk=3752367161&adf=383732597&w=700&cr_col=4&cr_row=2&fwrn=2&lmt=1589357065&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&format=700x420&url=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1589357064961&bpp=1&bdt=240&idt=105&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x280&correlator=7899367136651&frm=20&pv=1&ga_vid=828024686.1589357065&ga_sid=1589357065&ga_hid=2062544510&ga_fc=0&iag=0&icsg=656042&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=3602&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085%2C44716866&oid=3&pvsid=4130170531412259&pem=932&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=HonLwUkT95&p=https%3A//www.tipsfound.com&dtd=108

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2563223781312003&output=html&h=420&slotname=3918688279&adk=3752367161&adf=383732597&w=700&cr_col=4&cr_row=2&fwrn=2&lmt=1589357065&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&format=700x420&url=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1589357064961&bpp=1&bdt=240&idt=105&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x280&correlator=7899367136651&frm=20&pv=1&ga_vid=828024686.1589357065&ga_sid=1589357065&ga_hid=2062544510&ga_fc=0&iag=0&icsg=656042&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=282&ady=3602&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085%2C44716866&oid=3&pvsid=4130170531412259&pem=932&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=HonLwUkT95&p=https%3A//www.tipsfound.com&dtd=108
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tipsfound.com/excel/01308
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.tipsfound.com/excel/01308

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 13 May 2020 08:04:25 GMT
server: cafe
content-length: 22431
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 13-May-2020 08:19:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 13 May 2020 08:04:25 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame B9FC 0
0 46ms
46ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2563223781312003&output=html&adk=1812271804&adf=3025194257&lmt=1589357065&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1589357064962&bpp=1&bdt=242&idt=112&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x280%2C700x420&nras=1&correlator=7899367136651&frm=20&pv=1&ga_vid=828024686.1589357065&ga_sid=1589357065&ga_hid=2062544510&ga_fc=0&iag=0&icsg=656042&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085%2C44716866&oid=3&pvsid=4130170531412259&pem=932&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=3&uci=a!3&fsb=1&dtd=120

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2563223781312003&output=html&adk=1812271804&adf=3025194257&lmt=1589357065&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.tipsfound.com%2Fexcel%2F01308&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1589357064962&bpp=1&bdt=242&idt=112&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x280%2C700x420&nras=1&correlator=7899367136651&frm=20&pv=1&ga_vid=828024686.1589357065&ga_sid=1589357065&ga_hid=2062544510&ga_fc=0&iag=0&icsg=656042&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085%2C44716866&oid=3&pvsid=4130170531412259&pem=932&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=3&uci=a!3&fsb=1&dtd=120
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tipsfound.com/excel/01308
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.tipsfound.com/excel/01308

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 13 May 2020 08:04:25 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 13-May-2020 08:19:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 13 May 2020 08:04:25 GMT
cache-control: private

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200506&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5db3647820cc3ca8d6e7eb575369e1a1247bc9942196d01b4f076246097f96ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tipsfound.com/excel/01308
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 May 2020 08:04:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5650
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tipsfound.com/excel/01308
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 08:04:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0
expires: Wed, 13 May 2020 08:04:25 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 78F0 0
0 6ms
5ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tipsfound.com/excel/01308
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.tipsfound.com/excel/01308

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Wed, 13 May 2020 07:16:32 GMT
expires: Thu, 13 May 2021 07:16:32 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2873
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200506&jk=4130170531412259&bg=!mZqlmoJYzBxzuqGKMi4CAAAAQ1IAAAAMmQF57Nl6LcbZo-HvqZwxPIs3x4TLy04quu1Ud7D0kUhmeStkicEwK704dfhqzwK8gjiUEpsnJwEZ_0ci125VPs8zecMqpQiIV7oVKQF8scefuxUlBARtYH4ObP1IZ-j4gBdkDU2WHU40cHzteRRo_KQGbQ2TBhD3-fUN7XEu098j5A7I7Lxad-__xy7H6WLdgOP0lfKCmIRBX7mCJlVWHEVKPhABlOsMNDAw1cILil3hJlY7rgSNKXOSvNwCaEr-c3ALeOnezMYUhvDZeelIVusHS_zsKF3uoXAWq4p799RrWHs1NeM2CQ7_USnowMh0C1F5pTsLd7SfQKCnI1BTpsiWpRbcGhKzJyu_HBJN1haJncpQY40g2kq3L93KGkARA7WksWUoKBzN9XYfpacctS3aQYh5PXWFEYWXlUyH0NvgT08lxDPY0orYLbrSSc6AmFV-ChTDu3P1cnMiss8Pph2DR8XNrgcTVFtG9afCZ-YZbiAVPykIOX2U80I

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tipsfound.com/excel/01308
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 May 2020 08:04:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tipsfound.com/	1970-01-19 09:29:17	Name: _gat_gtag_UA_31946232_1 Value: 1
.doubleclick.net/	1970-01-19 09:29:20	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 18:50:53	Name: IDE Value: AHWqTUnDSCPdJTbq-7dO8Obd2t_kkYw4QmHfzTO4wEGKYxHSHgSQfHk2WZ9o7NSH
.tipsfound.com/	1970-01-19 09:30:43	Name: _gid Value: GA1.2.1960865343.1589357065
.tipsfound.com/	1970-01-20 03:00:29	Name: _ga Value: GA1.2.828024686.1589357065

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c.tipsfound.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.tipsfound.com
104.41.186.103
152.195.133.137
2a00:1450:4001:808::2002
2a00:1450:4001:817::2002
2a00:1450:4001:81d::2008
2a00:1450:4001:81d::200e
2a00:1450:4001:821::2001
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
19500a32edf2e3c9d24b48aac7f12b49459ef48ec4683d1a04a9c2e0129ec5e9
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
32a3648a8898469cdd57f77f580e688bd7411e761e2470016abad9968948def7
4008c399421c2f1282faf06b2631a925629c9fb9bdfa56b972bb8754d829be47
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89
54cb9644984e6b1bf82e3379f19ddc7c90cf1e7eb299b42b9172f03f4385f10d
5db3647820cc3ca8d6e7eb575369e1a1247bc9942196d01b4f076246097f96ac
78fd6d57f860c6b703c2aad330fa1d6ff50a3c59723a6478a2d80e1014cdbb31
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
b0af0b101c015267e4afb0c58f0b1027061e517dbd271eb9d040f9704569e061
b5e66362b7a28244d07d1a60814f3208abebd72e4b77425e34641146b139baeb
cf411db50e5639f9709b40317a988c664e19c711f82c97c09fdafa38be8e3aec
e223a9b6ca50d8611d022c3ae4ecee30c87264115ac1e701a0c85de6b3295dd1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.tipsfound.com Open in urlscan Pro 104.41.186.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

71 %IPv6

8 Domains

10 Subdomains

7 IPs

3 Countries

236 kBTransfer

616 kBSize

5 Cookies

15 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

5 Cookies

Indicators

www.tipsfound.com Open in urlscan Pro
104.41.186.103 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

71 %
IPv6

8
Domains

10
Subdomains

7
IPs

3
Countries

236 kB
Transfer

616 kB
Size

5
Cookies

23 HTTP transactions
0 data transactions