www.activesearchresults.com Open in urlscan Pro
108.36.145.223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.activesearchresults.com/tr/rd11.php?O/mCpLSRQa+XMEAzchUEWB2sDPnj5a24JyabNSvPaVM=
Effective URL:
https://www.activesearchresults.com/
Submission: On March 20 via api (March 20th 2021, 5:41:58 am UTC) from BE

Summary HTTP 80 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 9 domains to perform 80 HTTP transactions. The main IP is 108.36.145.223, located in Middletown, United States and belongs to UUNET, US. The main domain is www.activesearchresults.com.
TLS certificate: Issued by Network Solutions DV Server CA 2 on October 20th 2020. Valid for: a year.

This is the only time www.activesearchresults.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	108.36.145.223 108.36.145.223	701 (UUNET) (UUNET)
14	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3 3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1 2	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2012	15169 (GOOGLE) (GOOGLE)
1	216.58.212.146 216.58.212.146	15169 (GOOGLE) (GOOGLE)
80	20

13 108.36.145.223 (Middletown, United States) 1 redirects

ASN701 (UUNET, US)
PTR: pool-108-36-145-223.phlapa.fios.verizon.net

www.activesearchresults.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.166 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2012 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

p4-erfybx5ayzd2c-g76cpls6fdimqixx-492336-i1-v6exp3.ds.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.146 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f18.1e100.net

p4-erfybx5ayzd2c-g76cpls6fdimqixx-492336-i2-v6exp3.v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	332 KB
16	doubleclick.net 1 redirects googleads.g.doubleclick.net ad.doubleclick.net	68 KB
14	google.com 3 redirects apis.google.com adservice.google.com accounts.google.com www.google.com	137 KB
13	activesearchresults.com 1 redirects www.activesearchresults.com	51 KB
5	gstatic.com ssl.gstatic.com p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com p4-erfybx5ayzd2c-g76cpls6fdimqixx-492336-i1-v6exp3.ds.metric.gstatic.com p4-erfybx5ayzd2c-g76cpls6fdimqixx-492336-i2-v6exp3.v4.metric.gstatic.com	9 KB
4	googletagservices.com www.googletagservices.com	134 KB
3	google-analytics.com ssl.google-analytics.com	17 KB
1	google.de adservice.google.de	313 B
1	googleadservices.com partner.googleadservices.com	648 B
80	9

	Domain	Requested by
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
13	www.activesearchresults.com	1 redirects www.activesearchresults.com
11	pagead2.googlesyndication.com	www.activesearchresults.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	apis.google.com	www.activesearchresults.com apis.google.com accounts.google.com
5	www.google.com	3 redirects apis.google.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	ssl.google-analytics.com	www.activesearchresults.com
2	ad.doubleclick.net	1 redirects www.activesearchresults.com
2	p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com
1	p4-erfybx5ayzd2c-g76cpls6fdimqixx-492336-i2-v6exp3.v4.metric.gstatic.com
1	p4-erfybx5ayzd2c-g76cpls6fdimqixx-492336-i1-v6exp3.ds.metric.gstatic.com
1	ssl.gstatic.com	accounts.google.com
1	accounts.google.com	apis.google.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
80	17

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.activesearchresults.com Network Solutions DV Server CA 2	`2020-10-20` - `2021-10-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.ds.metric.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.v4.metric.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://www.activesearchresults.com/
Frame ID: 081503F07B30CA88E95F86743F145EE6
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Frame ID: 9A63EA28F0DEC4C883CE80B791E89B7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&adk=1812271804&adf=3025194257&lmt=1616218896&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.activesearchresults.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616218896259&bpp=6&bdt=166&idt=89&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3757702498078&frm=20&pv=2&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=107
Frame ID: 7758049E7FCDDBE096AC0B22F25C3008
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=2774549505&adk=3584751277&adf=3215562993&pi=t.ma~as.2774549505&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896265&bpp=16&bdt=172&idt=108&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jNrMCrpwPq&p=https%3A//www.activesearchresults.com&dtd=113
Frame ID: 88253FADC3FBFF036E41A8DF7622790A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=7204749104&adk=1656332809&adf=2824717477&pi=t.ma~as.7204749104&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896304&bpp=1&bdt=212&idt=78&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vVLd90fsbS&p=https%3A//www.activesearchresults.com&dtd=81
Frame ID: DF87D2CCB6C79B2FA650191E239ED38B
Requests: 10 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fwww.activesearchresults.com&url=https%3A%2F%2Fwww.activesearchresults.com%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Frame ID: 141EE8560DF2B2A0F3619869A0F1FF47
Requests: 2 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fwww.activesearchresults.com&url=https%3A%2F%2Fwww.activesearchresults.com%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Frame ID: 951E2FDDD537F04CC61EBEFC582E9E54
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=4251282705&adk=606715889&adf=2653041513&pi=t.ma~as.4251282705&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896306&bpp=1&bdt=213&idt=97&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fjvPezcOHh&p=https%3A//www.activesearchresults.com&dtd=101
Frame ID: F7D4778972D13F7424C7DFA281F28582
Requests: 10 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.activesearchresults.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Frame ID: 17114F1329E3CC9AED93D6503E82502C
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 41AFD4D735615149C583474968AC61F9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 837E39A0BD4A300E711454CC7C122861
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: AF12324D3233FA9E99825F63C779B245
Requests: 2 HTTP requests in this frame

Frame: https://p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: AF65843CC888B9EFAA6DBC266B86E669
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 7C687668CA34CCDE66AD4FB78D24E074
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 551D1EDB367E07F5F4ED9896AEAB4553
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 9445FBFB1472F83C55CD2F45F5C4A677
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 9E7C5BEF188A6F0E995F5066C1AA0C0A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.activesearchresults.com/tr/rd11.php?O/mCpLSRQa+XMEAzchUEWB2sDPnj5a24JyabNSvPaVM= HTTP 302
https://www.activesearchresults.com/ Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i
headers server /php\/?([\d.]+)?/i

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Page Statistics

80
Requests

100 %
HTTPS

75 %
IPv6

9
Domains

17
Subdomains

20
IPs

2
Countries

748 kB
Transfer

1787 kB
Size

11
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/asrranking

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ASRRanking/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/active-search-results

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.activesearchresults.com/tr/rd11.php?O/mCpLSRQa+XMEAzchUEWB2sDPnj5a24JyabNSvPaVM= HTTP 302
https://www.activesearchresults.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 63

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25195269.291118114;dc_trk_aid=484193374;dc_trk_cid=143130545;ord=1884302172;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25195269.291118114;dc_pre=CJzP_smUvu8CFbJQ5QodWUAJGQ;dc_trk_aid=484193374;dc_trk_cid=143130545;ord=1884302172;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=

Request Chain 65

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 67

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

80 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.activesearchresults.com/
Redirect Chain

https://www.activesearchresults.com/tr/rd11.php?O/mCpLSRQa+XMEAzchUEWB2sDPnj5a24JyabNSvPaVM=
https://www.activesearchresults.com/

10 KB
10 KB

147ms
147ms

Document
text/html

108.36.145.223
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.activesearchresults.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.36.145.223 Middletown, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-36-145-223.phlapa.fios.verizon.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/5.4.16
Resource Hash: b06189065442cec6ba909a2c1da2d22389810550024fe76260cf2a5b793021b2

Request headers

Host: www.activesearchresults.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 05:41:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/5.4.16
Set-Cookie: PHPSESSID=j0010hpv6jjh3cqugijppnfm24; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sat, 20 Mar 2021 05:41:35 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: https://www.activesearchresults.com/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK main2.css
www.activesearchresults.com/ 6 KB
7 KB 144ms
138ms Stylesheet
text/css 108.36.145.223
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.activesearchresults.com/main2.css
Requested by: Host: www.activesearchresults.com
URL: https://www.activesearchresults.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.36.145.223 Middletown, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-36-145-223.phlapa.fios.verizon.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: a907fb1401120b17ca46b1388f37c8a74b53165e1906c9cb0b8fe791305662e7

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 05:41:36 GMT
Last-Modified: Tue, 25 Sep 2018 12:09:32 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "18d0-576b0fa7efb41"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6352

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 41ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.activesearchresults.com
URL: https://www.activesearchresults.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

839b41dd475d143b31c479aa6e666b8deb648b293ee93e67071222960f2b75cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49857
x-xss-protection: 0
server: cafe
etag: 11991498641368206346
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 05:41:36 GMT

GET
H/1.1 200
OK asr-logo1.png
www.activesearchresults.com/images2/ 1 KB
2 KB 239ms
139ms Image
image/png 108.36.145.223
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activesearchresults.com/images2/asr-logo1.png
Requested by: Host: www.activesearchresults.com
URL: https://www.activesearchresults.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.36.145.223 Middletown, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-36-145-223.phlapa.fios.verizon.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: e092391ed10e12a8fbf58ed07813ae5a6974a0525b53bfb0df4e6d504b0e9620

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 05:41:36 GMT
Last-Modified: Mon, 19 Dec 2016 02:00:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "546-543f948738040"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1350

GET
H/1.1 200
OK sb_tw.png
www.activesearchresults.com/images/ 3 KB
4 KB 428ms
137ms Image
image/png 108.36.145.223
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activesearchresults.com/images/sb_tw.png
Requested by: Host: www.activesearchresults.com
URL: https://www.activesearchresults.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.36.145.223 Middletown, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-36-145-223.phlapa.fios.verizon.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: 31420e950e331acc9a10c4f758b0f560c5f08df2a1dc76e20f90ccd7bb75953e

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 05:41:36 GMT
Last-Modified: Thu, 19 Oct 2017 14:11:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "cd4-55be6eddf66c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3284

GET
H/1.1 200
OK sb_fb.png
www.activesearchresults.com/images/ 2 KB
3 KB 449ms
155ms Image
image/png 108.36.145.223
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activesearchresults.com/images/sb_fb.png
Requested by: Host: www.activesearchresults.com
URL: https://www.activesearchresults.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.36.145.223 Middletown, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-36-145-223.phlapa.fios.verizon.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: b1bf4d31a2dcd58fe6c91bcc8647c822f738940150c615038e5135a97ce237d5

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 05:41:36 GMT
Last-Modified: Thu, 19 Oct 2017 14:11:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "96c-55be6ed190980"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2412

GET
H/1.1 200
OK sb_li.png
www.activesearchresults.com/images/ 2 KB
3 KB 449ms
155ms Image
image/png 108.36.145.223
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activesearchresults.com/images/sb_li.png
Requested by: Host: www.activesearchresults.com
URL: https://www.activesearchresults.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.36.145.223 Middletown, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-36-145-223.phlapa.fios.verizon.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: 17394168117f1c91d7c53b8fafe2a7aee6ba438e3bb423a5f6bc9fb278a8fadb

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 05:41:36 GMT
Last-Modified: Fri, 20 Oct 2017 16:30:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "91a-55bfcfc84c880"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2330

GET
H/1.1 200
OK asr-logo.png
www.activesearchresults.com/images2/ 4 KB
4 KB 440ms
146ms Image
image/png 108.36.145.223
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activesearchresults.com/images2/asr-logo.png
Requested by: Host: www.activesearchresults.com
URL: https://www.activesearchresults.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.36.145.223 Middletown, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-36-145-223.phlapa.fios.verizon.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: c73662e53642660534e0a3ed1d3f2aeb97e28a751579f48180d4c47f04ad57cb

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 05:41:36 GMT
Last-Modified: Mon, 19 Dec 2016 02:00:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "fd4-543f948738040"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4052

GET
H/1.1 200
OK about-icon.png
www.activesearchresults.com/images2/ 3 KB
4 KB 480ms
148ms Image
image/png 108.36.145.223
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activesearchresults.com/images2/about-icon.png
Requested by: Host: www.activesearchresults.com
URL: https://www.activesearchresults.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.36.145.223 Middletown, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-36-145-223.phlapa.fios.verizon.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: f14b53a09c7b641d3bc4ea4bca3df87a5c2b9731759e3c3dd8f61d1cfddb285d

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 05:41:36 GMT
Last-Modified: Mon, 19 Dec 2016 02:00:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "d03-543f948738040"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3331

GET
H/1.1 200
OK tech-icon.png
www.activesearchresults.com/images2/ 5 KB
5 KB 247ms
144ms Image
image/png 108.36.145.223
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activesearchresults.com/images2/tech-icon.png
Requested by: Host: www.activesearchresults.com
URL: https://www.activesearchresults.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.36.145.223 Middletown, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-36-145-223.phlapa.fios.verizon.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: bf51e464dfcfb2e718f5c008ab3f725d6e32102fe6d1d60adc97aab1c3116a57

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 05:41:36 GMT
Last-Modified: Mon, 19 Dec 2016 02:00:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "134e-543f948738040"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4942

GET
H/1.1 200
OK rank-icon.png
www.activesearchresults.com/images2/ 5 KB
5 KB 226ms
140ms Image
image/png 108.36.145.223
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activesearchresults.com/images2/rank-icon.png
Requested by: Host: www.activesearchresults.com
URL: https://www.activesearchresults.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.36.145.223 Middletown, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-36-145-223.phlapa.fios.verizon.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: ca8c94cd743b6c38b31c1ae39f86d7f8bf57ffcf54ed165ba0ec691e1c4b92b8

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 05:41:36 GMT
Last-Modified: Mon, 19 Dec 2016 02:00:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "125a-543f948738040"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4698

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ 226 KB
85 KB 59ms
45ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0529015495139792&plah=www.activesearchresults.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 05:41:36 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.activesearchresults.com
URL: https://www.activesearchresults.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6
date: Sat, 20 Mar 2021 05:41:30 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 20 Mar 2021 07:41:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/ Frame 9A63 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.activesearchresults.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.activesearchresults.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 20 Mar 2021 04:26:34 GMT
expires: Sat, 03 Apr 2021 04:26:34 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 4502
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK search-btn.png
www.activesearchresults.com/images2/ 1 KB
2 KB 297ms
148ms Image
image/png 108.36.145.223
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activesearchresults.com/images2/search-btn.png
Requested by: Host: www.activesearchresults.com
URL: https://www.activesearchresults.com/main2.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.36.145.223 Middletown, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-36-145-223.phlapa.fios.verizon.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: 287aebfc51e58cd0bfa70fa29641686f8169a6a491e1b4694df634c086ab9fe1

Request headers

Referer: https://www.activesearchresults.com/main2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 05:41:36 GMT
Last-Modified: Mon, 27 Feb 2017 03:32:54 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "59b-5497abc16c580"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1435

GET
H/1.1 200
OK articles-icon.png
www.activesearchresults.com/images2/ 3 KB
3 KB 360ms
137ms Image
image/png 108.36.145.223
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.activesearchresults.com/images2/articles-icon.png
Requested by: Host: www.activesearchresults.com
URL: https://www.activesearchresults.com/main2.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.36.145.223 Middletown, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-36-145-223.phlapa.fios.verizon.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: 746080179d45e3d2003c30f50968458d4b3189fa90538292184147cb1909056c

Request headers

Referer: https://www.activesearchresults.com/main2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 05:41:36 GMT
Last-Modified: Mon, 24 Sep 2018 22:35:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "c9b-576a59b1ed226"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3227

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 46ms
25ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.activesearchresults.com
URL: https://www.activesearchresults.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c69c084a448c3a9bf38acccb3b13de079aa5d06202aec2659a1a0e19d4e43f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jj8ihwM8iJcKqks9m14tqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "0ab444474500f3dd8e11c64dab872e43"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-jj8ihwM8iJcKqks9m14tqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sat, 20 Mar 2021 05:41:36 GMT

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
378 B 34ms
20ms Image
image/gif 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2050458787&utmhn=www.activesearchresults.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Active%20Search%20Results%20Search%20Engine&utmhid=461029959&utmr=-&utmp=%2F&utmht=1616218896328&utmac=UA-19072563-1&utmcc=__utma%3D128529052.9714800.1616218896.1616218896.1616218896.1%3B%2B__utmz%3D128529052.1616218896.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=861350465&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.activesearchresults.com
URL: https://www.activesearchresults.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 05:41:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
648 B 152ms
53ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.activesearchresults.com&callback=_gfp_s_&client=ca-pub-0529015495139792

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0529015495139792&plah=www.activesearchresults.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0178c0eddcee24bab4fa1bc78832441c79acef3c3e3b975080c66210ee340447

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.activesearchresults.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 05:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
313 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.activesearchresults.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 05:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 13ms
13ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.activesearchresults.com%2F&tn=DIV&cls=row%20top-bar&ign=false

Requested by

Host: www.activesearchresults.com
URL: https://www.activesearchresults.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 05:41:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7758 3 KB
1 KB 104ms
90ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&adk=1812271804&adf=3025194257&lmt=1616218896&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.activesearchresults.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616218896259&bpp=6&bdt=166&idt=89&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3757702498078&frm=20&pv=2&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=107

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df96e9354d58435f00dc90d0bae41f547b4d496730ee88e0c11137c2484f08f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0529015495139792&output=html&adk=1812271804&adf=3025194257&lmt=1616218896&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.activesearchresults.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616218896259&bpp=6&bdt=166&idt=89&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3757702498078&frm=20&pv=2&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=107
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.activesearchresults.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.activesearchresults.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Mar 2021 05:41:36 GMT
server: cafe
content-length: 537
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 20-Mar-2021 05:56:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Mar 2021 05:41:36 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Sat, 20 Mar 2021 05:41:36 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8825 53 KB
20 KB 542ms
539ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=2774549505&adk=3584751277&adf=3215562993&pi=t.ma~as.2774549505&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896265&bpp=16&bdt=172&idt=108&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jNrMCrpwPq&p=https%3A//www.activesearchresults.com&dtd=113

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43d03113c0aec91f1c9446fe1887a74461f8a2a3aef4d2e30113f15a7d94a36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=2774549505&adk=3584751277&adf=3215562993&pi=t.ma~as.2774549505&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896265&bpp=16&bdt=172&idt=108&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jNrMCrpwPq&p=https%3A//www.activesearchresults.com&dtd=113
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.activesearchresults.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.activesearchresults.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Mar 2021 05:41:36 GMT
server: cafe
content-length: 20606
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 20-Mar-2021 05:56:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Mar 2021 05:41:36 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DF87 53 KB
20 KB 453ms
452ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=7204749104&adk=1656332809&adf=2824717477&pi=t.ma~as.7204749104&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896304&bpp=1&bdt=212&idt=78&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vVLd90fsbS&p=https%3A//www.activesearchresults.com&dtd=81

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71191f78ac9bd2f860c3e337f03ace73ff32a309cc5bbfa8f6e0c042dd4ed153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=7204749104&adk=1656332809&adf=2824717477&pi=t.ma~as.7204749104&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896304&bpp=1&bdt=212&idt=78&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vVLd90fsbS&p=https%3A//www.activesearchresults.com&dtd=81
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.activesearchresults.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.activesearchresults.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Mar 2021 05:41:36 GMT
server: cafe
content-length: 20463
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 20-Mar-2021 05:56:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Mar 2021 05:41:36 GMT
cache-control: private

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ 142 KB
50 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b1e4b6799aa648960345ee40c4824edf0aa9f253c3cdfc6b4ddb3251f9c071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 23:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 16:28:44 GMT
server: sffe
age: 195404
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50982
x-xss-protection: 0
expires: Thu, 17 Mar 2022 23:24:52 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ 96 KB
33 KB 39ms
26ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fc2091802916fff06a360ed71d44051838cafb35ba6e7f7d04c5fc74b7a2f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 23:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 16:28:44 GMT
server: sffe
age: 195399
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34047
x-xss-protection: 0
expires: Thu, 17 Mar 2022 23:24:57 GMT

GET
H3-Q050 404 fastbutton Show response
apis.google.com/se/0/_/+1/ Frame 141E 2 KB
954 B 41ms
36ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fwww.activesearchresults.com&url=https%3A%2F%2Fwww.activesearchresults.com%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08768cdee30c9c45d25bb0ede0fe8dea31fa723e1763006d9edc1aa96b3ac2f4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zYd0IiZ4hOYfFiZWvz3+BA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fwww.activesearchresults.com&url=https%3A%2F%2Fwww.activesearchresults.com%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.activesearchresults.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=211=lLC3sFz06b2B3XVc0trDaj5J7b1WMQOVqc2T3W-DYZ8iEGplzfOf1aaDRn8mfOIEm-wrRpRcwUJcR0cizFXw5NfbyX-njjiBzjyJ689xLEBw-Scfado1sJliQFMVkOmzK_xgKQAQeVsGx1B7oH_0RyUl8cbfW4ul7zDmyZJJ0xg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.activesearchresults.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 20 Mar 2021 05:41:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-zYd0IiZ4hOYfFiZWvz3+BA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 404 fastbutton Show response
apis.google.com/se/0/_/+1/ Frame 951E 2 KB
1 KB 36ms
34ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c59a91ff2c6aea1c893cb7cd93ea2a23a79475be1b0cf03779642ad6417de8da

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8O+gGrcofQUMSNk/VZ8Vjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fwww.activesearchresults.com&url=https%3A%2F%2Fwww.activesearchresults.com%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.activesearchresults.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=211=lLC3sFz06b2B3XVc0trDaj5J7b1WMQOVqc2T3W-DYZ8iEGplzfOf1aaDRn8mfOIEm-wrRpRcwUJcR0cizFXw5NfbyX-njjiBzjyJ689xLEBw-Scfado1sJliQFMVkOmzK_xgKQAQeVsGx1B7oH_0RyUl8cbfW4ul7zDmyZJJ0xg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.activesearchresults.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 20 Mar 2021 05:41:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-8O+gGrcofQUMSNk/VZ8Vjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F7D4 54 KB
20 KB 569ms
569ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=4251282705&adk=606715889&adf=2653041513&pi=t.ma~as.4251282705&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896306&bpp=1&bdt=213&idt=97&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fjvPezcOHh&p=https%3A//www.activesearchresults.com&dtd=101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da1c7b8f53e394ad959da2045a17394a2e5905d4e72820647ce20cf781ca78ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=4251282705&adk=606715889&adf=2653041513&pi=t.ma~as.4251282705&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896306&bpp=1&bdt=213&idt=97&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fjvPezcOHh&p=https%3A//www.activesearchresults.com&dtd=101
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.activesearchresults.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.activesearchresults.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Mar 2021 05:41:36 GMT
server: cafe
content-length: 20777
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 20-Mar-2021 05:56:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Mar 2021 05:41:36 GMT
cache-control: private

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 1711 566 B
862 B 35ms
16ms Document
text/html 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.activesearchresults.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8674f10bfd01ef94092c31dc320d2acbd084708dd5cc01c3fbe8c998e8854477

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-I9Tb0+67D1vwh3hTHuGliA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.activesearchresults.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.activesearchresults.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=211=lLC3sFz06b2B3XVc0trDaj5J7b1WMQOVqc2T3W-DYZ8iEGplzfOf1aaDRn8mfOIEm-wrRpRcwUJcR0cizFXw5NfbyX-njjiBzjyJ689xLEBw-Scfado1sJliQFMVkOmzK_xgKQAQeVsGx1B7oH_0RyUl8cbfW4ul7zDmyZJJ0xg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.activesearchresults.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 20 Mar 2021 05:41:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-I9Tb0+67D1vwh3hTHuGliA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 951E 3 KB
3 KB 14ms
13ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: apis.google.com
URL: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fwww.activesearchresults.com&url=https%3A%2F%2Fwww.activesearchresults.com%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apis.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:41:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
expires: Sat, 20 Mar 2021 05:41:36 GMT

GET
H2 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 141E 3 KB
3 KB 14ms
13ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apis.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:41:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
expires: Sat, 20 Mar 2021 05:41:36 GMT

GET
H2 200 2038943760-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 1711 10 KB
5 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2038943760-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.activesearchresults.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 19:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 17:30:24 GMT
server: sffe
age: 469137
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4265
x-xss-protection: 0
expires: Mon, 14 Mar 2022 19:22:39 GMT

GET
H3-Q050 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 1711 12 KB
5 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1978a4ee69da239598bb125337b800e269f623839719a7da45e7f7cf2ba1a9bd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zXJ6Kn2kkeII1BXFn7oJKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "c489adc86eb80e5d71f9e88a3dbbf731"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-zXJ6Kn2kkeII1BXFn7oJKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sat, 20 Mar 2021 05:41:36 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ Frame 1711 49 KB
17 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8532d9187eca47ce982ccb2eae3218cbb950ef0e8f90c1e5be56b85bd217f3a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 23:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 16:28:44 GMT
server: sffe
age: 195402
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17801
x-xss-protection: 0
expires: Thu, 17 Mar 2022 23:24:54 GMT

GET
H2 200 12486354525566015235
tpc.googlesyndication.com/simgad/ Frame DF87 21 KB
21 KB 33ms
12ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12486354525566015235?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlTx312Wlc2gsIchcKWOCyXmGR_FA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=7204749104&adk=1656332809&adf=2824717477&pi=t.ma~as.7204749104&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896304&bpp=1&bdt=212&idt=78&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vVLd90fsbS&p=https%3A//www.activesearchresults.com&dtd=81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ebbd79e37ed1535afb955d5f0cb83751886adb562c2bb904aa327c78ff63ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 04:32:24 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Sep 2020 16:55:22 GMT
server: sffe
age: 4152
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21243
x-xss-protection: 0
expires: Sun, 20 Mar 2022 04:32:24 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame DF87 17 KB
7 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 05:39:33 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame DF87 2 KB
1 KB 32ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 05:40:14 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF87 117 KB
36 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sat, 20 Mar 2021 05:41:36 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame DF87 13 KB
6 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 05:40:40 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame DF87 25 KB
11 KB 33ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

329059d559fdef07b7854e9550433cf721a2301c3279b96d5c04f32477fbb63b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 16:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10816
x-xss-protection: 0
server: cafe
etag: 5325187549321947876
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 16:22:55 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame DF87 0
0 30ms
30ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8ehzEItVYPGGGbKtrAS1uKgI45md2WHF7IeeyAyovc2vlRwQASDL3ucaYJWKuILIB6ABvaG7ygPIAQKoAwHIA8kEqgTPAU_Qlw2kX1m6waAQywZjjCi2mnFdWNIcmleAM4ZjYmgKDtIcJa89tEbxbckrDRyWzIwawy3EkCl7pWn_X_AuJygcFaax7o4YhVTq034cOUstENJWMaRGvEAH_qd9xARaJRvd2ef4XKAdEbD6LL4qlN0cCav_cMzAOdXvgExb9IfYzgh6Zo2iaNg1PWYmgTdWMixtlV7q8g46-H43Fkzn0vPPi0Wn5DBt0oGlDNr6BY8kAdWkFwVqyyOoLt_xMkQ23oPbA6sQ9gjdCn4zxtAGXcAEooLDkZkDkgUECAQYAZIFBAgFGASgBgKAB6vexDWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQxZlG0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTA1MjkwMTU0OTUxMzk3OTI&sigh=xEoDFR_6VzA&tpd=AGWhJmtgxZK9hFTGbIY9zZoPzHFZcj_5uBLfb7n54r19ne1h3g

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=7204749104&adk=1656332809&adf=2824717477&pi=t.ma~as.7204749104&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896304&bpp=1&bdt=212&idt=78&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vVLd90fsbS&p=https%3A//www.activesearchresults.com&dtd=81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 20 Mar 2021 05:41:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 20 Mar 2021 05:41:36 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 41AF 143 B
220 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=7204749104&adk=1656332809&adf=2824717477&pi=t.ma~as.7204749104&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896304&bpp=1&bdt=212&idt=78&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vVLd90fsbS&p=https%3A//www.activesearchresults.com&dtd=81
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmUms-3h-23lGbx0_W1eERE_SG8rKNfb1EEpjpVn0T2fGLQzKvCw8SQRHu1-K0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=7204749104&adk=1656332809&adf=2824717477&pi=t.ma~as.7204749104&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896304&bpp=1&bdt=212&idt=78&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vVLd90fsbS&p=https%3A//www.activesearchresults.com&dtd=81

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 20 Mar 2021 05:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1096
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame DF87 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc71c9c5806d6dcda00d021ac3010bb0456e55cf3124c58b5e043e0440ab843a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 12486354525566015235
tpc.googlesyndication.com/simgad/ Frame 8825 21 KB
21 KB 36ms
22ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12486354525566015235?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlTx312Wlc2gsIchcKWOCyXmGR_FA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=2774549505&adk=3584751277&adf=3215562993&pi=t.ma~as.2774549505&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896265&bpp=16&bdt=172&idt=108&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jNrMCrpwPq&p=https%3A//www.activesearchresults.com&dtd=113

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ebbd79e37ed1535afb955d5f0cb83751886adb562c2bb904aa327c78ff63ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 04:32:24 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Sep 2020 16:55:22 GMT
server: sffe
age: 4152
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21243
x-xss-protection: 0
expires: Sun, 20 Mar 2022 04:32:24 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 8825 17 KB
7 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 05:39:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8825 2 KB
1 KB 36ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 05:40:14 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8825 117 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sat, 20 Mar 2021 05:41:36 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8825 13 KB
6 KB 32ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 05:40:40 GMT

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8825 25 KB
11 KB 32ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

329059d559fdef07b7854e9550433cf721a2301c3279b96d5c04f32477fbb63b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 16:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10816
x-xss-protection: 0
server: cafe
etag: 5325187549321947876
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 16:22:55 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8825 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CI_s3EItVYJaNGcup3gO91LfgDeOZndlhxeyHnsgMqL3Nr5UcEAEgy97nGmCViriCyAegAb2hu8oDyAECqAMByAPJBKoEzwFP0J15ytfD2pWuwjFLyHMaCdaKXXP9AVEBRKX4DpzL3VhDflnHbeqHcuNWk15gqMxeu2SIqOTxdmd1iMlCzk6ZChqE5ZFJaallldlEWQcWCVUDmIBqqZbbEbNXSFNDomYVhll9mw2NEGxMDs7XaxIfFBKUbMCdrUIhEAcnTRYYrYGyadNX24NpxJJJgUJ28hbmo5aY2aFaCg0Woeir3eoFRc9hNq3IuArbCUXvUuin2SjclcCImmGovh1wF77OaYVEwFty5_DAz2krQ2I7-H3ABKKCw5GZA5IFBAgEGAGSBQQIBRgEoAYCgAer3sQ1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcFEJeemgHSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItMDUyOTAxNTQ5NTEzOTc5Mg&sigh=ZpkmjPvrKfM&tpd=AGWhJmtvrGVW2OUCKMtbKQAMBobP6rGiCZLgQQpsUPJ7_FZLXg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=2774549505&adk=3584751277&adf=3215562993&pi=t.ma~as.2774549505&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896265&bpp=16&bdt=172&idt=108&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jNrMCrpwPq&p=https%3A//www.activesearchresults.com&dtd=113
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 20 Mar 2021 05:41:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 41AF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
156 B

15ms
14ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmUms-3h-23lGbx0_W1eERE_SG8rKNfb1EEpjpVn0T2fGLQzKvCw8SQRHu1-K0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Mar 2021 05:41:37 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 20-Mar-2021 06:41:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Mar 2021 05:41:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Mar 2021 05:41:37 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 837E 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 10:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 70657
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 10:03:59 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AF12 143 B
169 B 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=2774549505&adk=3584751277&adf=3215562993&pi=t.ma~as.2774549505&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896265&bpp=16&bdt=172&idt=108&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jNrMCrpwPq&p=https%3A//www.activesearchresults.com&dtd=113
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmUms-3h-23lGbx0_W1eERE_SG8rKNfb1EEpjpVn0T2fGLQzKvCw8SQRHu1-K0; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=2774549505&adk=3584751277&adf=3215562993&pi=t.ma~as.2774549505&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896265&bpp=16&bdt=172&idt=108&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jNrMCrpwPq&p=https%3A//www.activesearchresults.com&dtd=113

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 20 Mar 2021 05:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1097
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame AF65 247 B
774 B 178ms
49ms Document
text/html 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

6f770c2c7a62aadbfad799c9acf1e1df928a3c080a107bee44a1d75e9b336831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-krRpSRUmz3M0xm5zNfjt0w' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 202
date: Sat, 20 Mar 2021 05:41:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8825 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b6692af082629a1b385e97a33fb2db8a5b456459681c80fd5bcf3e2f0710ac7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 3946521783012461083
tpc.googlesyndication.com/simgad/ Frame F7D4 39 KB
39 KB 7ms
7ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3946521783012461083

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=4251282705&adk=606715889&adf=2653041513&pi=t.ma~as.4251282705&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896306&bpp=1&bdt=213&idt=97&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fjvPezcOHh&p=https%3A//www.activesearchresults.com&dtd=101

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

830163b6fd5837208a053184f72bf0ce600c13f3f1fb46953549d47e61583a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 23:18:30 GMT
x-content-type-options: nosniff
age: 22987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39703
x-xss-protection: 0
last-modified: Tue, 15 Dec 2020 14:05:36 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 23:18:30 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame F7D4 17 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 05:39:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame F7D4 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 05:40:14 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F7D4 117 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sat, 20 Mar 2021 05:41:37 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame F7D4 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 05:40:40 GMT

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame F7D4 25 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

329059d559fdef07b7854e9550433cf721a2301c3279b96d5c04f32477fbb63b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 16:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10816
x-xss-protection: 0
server: cafe
etag: 5325187549321947876
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 16:22:55 GMT

GET
H3-Q050

200

B25195269.291118114;dc_pre=CJzP_smUvu8CFbJQ5QodWUAJGQ;dc_trk_aid=484193374;dc_trk_cid=143130545;ord=1884302172;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame F7D4
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25195269.291118114;dc_trk_aid=484193374;dc_trk_cid=143130545;ord=1884302172;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25195269.291118114;dc_pre=CJzP_smUvu8CFbJQ5QodWUAJGQ;dc_trk_aid=484193374;dc_trk_cid=143130545;ord=1884302172;dc_lat=;dc_rdid=;tag...

42 B
515 B

132ms
77ms

Fetch
image/gif

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25195269.291118114;dc_pre=CJzP_smUvu8CFbJQ5QodWUAJGQ;dc_trk_aid=484193374;dc_trk_cid=143130545;ord=1884302172;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?

Requested by

Host: www.activesearchresults.com
URL: https://www.activesearchresults.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 05:41:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 05:41:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25195269.291118114;dc_pre=CJzP_smUvu8CFbJQ5QodWUAJGQ;dc_trk_aid=484193374;dc_trk_cid=143130545;ord=1884302172;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame F7D4 0
0 19ms
18ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsWybEItVYJzpGfWAjuwP3q-yYJq3yP9gq-3EvvEMwI23ARABIMve5xpglYq4gsgHoAH0uL_FA8gBA6gDAcgDyQSqBMgBT9Acp0IY3g9om9aCqDH1p7BPW6M-pPQboBkDFF8lOZ4owX8-rrnvZVTutFYRYNxjBpghMyMmqzMCY4V8lf2IzT8EtmrVtvC7rflJ6ZcHjGx0pMCds4T31oY0lbCM4oy3F5bo77sFfOcdU2HKduebV_m-yI0h74W7W507STCo6PflKUtE0Ox0yy9Hb7DEYN6k_LQ_BwBWEd-eKQ3Oe5zZ2MpPrL17G60XjJC81jOFCYfONHkgkIbh467M64MPm-ZRssfcSxdIG7HABMHKoomRA5IFBAgEGAGSBQQIBRgEoAYDgAfsoaimAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCo_xHSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMDUyOTAxNTQ5NTEzOTc5Mg&sigh=poXBKemnJ58&tpd=AGWhJmtc1dVkLlqoOmZwqtXgDYON_eGfe-B45bE6lHm5Lqsi1g

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=4251282705&adk=606715889&adf=2653041513&pi=t.ma~as.4251282705&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896306&bpp=1&bdt=213&idt=97&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fjvPezcOHh&p=https%3A//www.activesearchresults.com&dtd=101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 20 Mar 2021 05:41:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AF12
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

14ms
13ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmUms-3h-23lGbx0_W1eERE_SG8rKNfb1EEpjpVn0T2fGLQzKvCw8SQRHu1-K0; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Mar 2021 05:41:37 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 20-Mar-2021 06:41:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Mar 2021 05:41:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Mar 2021 05:41:37 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7C68 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=4251282705&adk=606715889&adf=2653041513&pi=t.ma~as.4251282705&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896306&bpp=1&bdt=213&idt=97&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fjvPezcOHh&p=https%3A//www.activesearchresults.com&dtd=101
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmUms-3h-23lGbx0_W1eERE_SG8rKNfb1EEpjpVn0T2fGLQzKvCw8SQRHu1-K0; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529015495139792&output=html&h=90&slotname=4251282705&adk=606715889&adf=2653041513&pi=t.ma~as.4251282705&w=728&lmt=1616218896&psa=0&format=728x90&url=https%3A%2F%2Fwww.activesearchresults.com%2F&flash=0&wgl=1&dt=1616218896306&bpp=1&bdt=213&idt=97&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=3757702498078&frm=20&pv=1&ga_vid=9714800.1616218896&ga_sid=1616218896&ga_hid=461029959&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068944%2C44739387&oid=3&pvsid=2738465948310295&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fjvPezcOHh&p=https%3A//www.activesearchresults.com&dtd=101

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 20 Mar 2021 05:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1097
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7C68
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

14ms
13ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmUms-3h-23lGbx0_W1eERE_SG8rKNfb1EEpjpVn0T2fGLQzKvCw8SQRHu1-K0; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Mar 2021 05:41:37 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 20-Mar-2021 06:41:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Mar 2021 05:41:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Mar 2021 05:41:37 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F7D4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e002c2cd45eaad5c8bbf3d77bd4ef78dfef1c806a10d9e7c704f8878939cde39

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 551D 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 10:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 70658
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 10:03:59 GMT

GET
H3-Q050 200 iframe.html Show response
p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame AF65 7 KB
3 KB 122ms
66ms Document
text/html 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

5207a81a427f98c1717bc6c2c1a31a783d3b4e1105bc9cf5559bf6178314e543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-8nduribfmVZn6dkvGaTZeA' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 2424
date: Sat, 20 Mar 2021 05:41:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 25 Feb 2021 15:45:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/ 35 B
108 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1338353383&utmhn=www.activesearchresults.com&utmt=event&utme=14(2040*0*0*140*20*600*960*960)(2045*0*0*146*20*602*968*968)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Active%20Search%20Results%20Search%20Engine&utmhid=461029959&utmr=-&utmp=%2F&utmht=1616218897387&utmac=UA-19072563-1&utmcc=__utma%3D128529052.9714800.1616218896.1616218896.1616218896.1%3B%2B__utmz%3D128529052.1616218896.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 04:31:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4193
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 48ms
35ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25fdca532a9bb28d01740133d6394ac8044ebad6ba3d4c264bd6e84491601dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 05:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6618
x-xss-protection: 0

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9445 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 10:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 70658
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 10:03:59 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 20 Mar 2021 05:41:37 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 9E7C 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.activesearchresults.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.activesearchresults.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 19 Mar 2021 18:05:40 GMT
expires: Sat, 19 Mar 2022 18:05:40 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 41757
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E7C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 10:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 70658
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 10:03:59 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 16ms
15ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=2738465948310295&bg=!W1ilWBzNAAbUo7L91KM7ACkAdvg8Wt5UygUxn7_2y8QcGnHDtAlI2NRMf2ajpNhYZRo7zj3OgJNABwIAAABYUgAAABBoAQcKAT_z-g20K6Jx8zL4-QOA310z2HKcenfpP5ZJ3ugEuH2PQv0dyZFRk2dDRORPxQq_TQg90NWjQD5P1zyE5Cb0CbOzYjhcFVoXij7q_nDdMFGhbfAm2h6iHMLZEXcLqBi1kEbezxPjTIBOg60Csx02-Q1QVjjjBNRsWjAN1jfVAACQVfk_7yEdhs7LBnqoB-tht4VOyIOmwSH3Vqh_F2-WVlQvDt0S5BZivB33IKy25MOipGEBxNmEKmiaL6_LXlZNtTGqKrSdp3fpGvblKVYbVPUHIUjNnTjqb5GvuE5WyYkDw3BjwqxNxnU9qo_eyHAlvDS1k2kaZJilMMQq1dQD9ODaPGjCXPqwjmw2OZ5HsGZcDRkrXc_xC41vcMpJ9t2g6cFvK3-ZYAiPIwM9EHmhmt8Sn8ahQDei9xIEUF4RwKozmQHZvMR--0jlg9Lr8EhpcsjdDGw7oIMKxfexNtszppIQlrbtdxW9FpKoFntmhse8poyohnweX-TWIkbR_1-clthuNQxnb8EO0thWWxd0yA_mz6Fb8Jgjg3wxNDnrJKGbchORmdOitB51ufBzUC3J6sevdFRZU0MydDHwH9Iq2WY3J_issjG1XLqlBj-fK8YdtnlgP2DI2rb9HNdhJy3Zmb_5cO5tBb2IBnRpIZ6sgihM2wkoodA5mOF-19v0rz6wA_TPHwHvYPQYbC_kDCz5gkaCxfwyN3dpRsSEb7SIwAqcddNi95c5BVh7dDi01BNduEkZrPz7hjqA-tdfBEGrVcQeXnewrNGuaj7KQGAokxb9WBM3Kcxg-RvdUX8JI-CGhper-pAwaZoR8xzi_l4ima4JZaeZx8si2nvZaoBD3VFKJ90n1Q3kMTNQJfZEo8OktY4Yw6rfm5tUqeKzMB_JQblTGqxyQzOqPQWKvnoCRm_HffD-th1TnDwsQhm1cp2ROFGI4Gk_w90qIQz_5_47WjYmgtegC4a6cPkovin2k_2U9vlwp8HhYZMlHHp1w8ZgAk9TqtNwpmFrmKLcjSvqNbcZT7yUMrK1kDT7vtzqT-f3WjY_8oczKEUHyYs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.activesearchresults.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 05:41:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF87 42 B
132 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1uPBW7repq4sSYA_hvHsJqEqB6A5ZVk_xQJDxdODq1s7d28xIa655L9o7W0lYy1p0fm3qjiiBMrtEg299sxwKdnRAAThKfM5cHQ8W27rumm-AUY1T3SQwEnvcaQ&sai=AMfl-YTB2H5LQu5jpzFPo7NnhjOV38U6wH9EACTJKvdNNBvSZDoJeuPafIO_wihOde2DkWgDgqP9v6PoolCo&sig=Cg0ArKJSzLbSByjhLSqfEAE&id=osdim&mcvt=1000&p=752,436,842,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1656332809&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616218896386&dlt=456&rpt=50&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 05:41:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8825 42 B
89 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuI7eikmREs7cBh6acHHGOWZ241tC3c5IR9kBqIr_YzhRAyO5J9k_VlxAVBcsyiHfh-r7RUrrbTHyIEiVD9GZDwdmh1V_GtLF7QCiubBDJLisX4sjyuPGHXwTeNYQ&sai=AMfl-YSlAnoZp5SO4X797H5QyTkYNy0U_WgSCWgn98v4XIjUdn_XXNwVe98fjYYceyWipTqQMFujD6pbipar&sig=Cg0ArKJSzKmyNleF7Ei4EAE&id=lidar2&mcvt=1000&p=147,436,237,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3584751277&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616218896379&dlt=557&rpt=51&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 05:41:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-erfybx5ayzd2c-g76cpls6fdimqixx-492336-i1-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame AF65 35 B
410 B 176ms
13ms Image
image/gif 2a00:1450:4001:82a::2012
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-erfybx5ayzd2c-g76cpls6fdimqixx-492336-i1-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2012 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 05:41:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-erfybx5ayzd2c-g76cpls6fdimqixx-492336-i2-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame AF65 35 B
410 B 219ms
57ms Image
image/gif 216.58.212.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-erfybx5ayzd2c-g76cpls6fdimqixx-492336-i2-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.146 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f18.1e100.net

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 05:41:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 16:57:02	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 02:18:34	Name: IDE Value: AHWqTUmUms-3h-23lGbx0_W1eERE_SG8rKNfb1EEpjpVn0T2fGLQzKvCw8SQRHu1-K0
.doubleclick.net/	1970-01-19 16:56:59	Name: test_cookie Value: CheckForPermission
.activesearchresults.com/	1970-01-19 21:19:46	Name: __utmz Value: 128529052.1616218896.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.activesearchresults.com/	1970-01-19 16:56:59	Name: __utmt Value: 1
.activesearchresults.com/	1970-01-20 02:18:34	Name: __gads Value: ID=0af32956a7927aa4-2213239d28a700c7:T=1616218896:RT=1616218896:S=ALNI_MZh5XMDYtcwZ0KlAKOk3-nnqM0_LA
.activesearchresults.com/	1970-01-20 10:28:10	Name: __utma Value: 128529052.9714800.1616218896.1616218896.1616218896.1
.activesearchresults.com/	1969-12-31 23:59:59	Name: __utmc Value: 128529052
.google.com/	1970-01-19 21:20:30	Name: NID Value: 211=lLC3sFz06b2B3XVc0trDaj5J7b1WMQOVqc2T3W-DYZ8iEGplzfOf1aaDRn8mfOIEm-wrRpRcwUJcR0cizFXw5NfbyX-njjiBzjyJ689xLEBw-Scfado1sJliQFMVkOmzK_xgKQAQeVsGx1B7oH_0RyUl8cbfW4ul7zDmyZJJ0xg
.activesearchresults.com/	1970-01-19 16:57:00	Name: __utmb Value: 128529052.2.9.1616218897387
www.activesearchresults.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: j0010hpv6jjh3cqugijppnfm24

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
apis.google.com
googleads.g.doubleclick.net
p4-erfybx5ayzd2c-g76cpls6fdimqixx-492336-i1-v6exp3.ds.metric.gstatic.com
p4-erfybx5ayzd2c-g76cpls6fdimqixx-492336-i2-v6exp3.v4.metric.gstatic.com
p4-erfybx5ayzd2c-g76cpls6fdimqixx-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
ssl.google-analytics.com
ssl.gstatic.com
tpc.googlesyndication.com
www.activesearchresults.com
www.google.com
www.googletagservices.com
108.36.145.223
142.250.185.67
142.250.186.162
216.58.212.146
216.58.212.166
2a00:1450:4001:800::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200d
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2012
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
0178c0eddcee24bab4fa1bc78832441c79acef3c3e3b975080c66210ee340447
08768cdee30c9c45d25bb0ede0fe8dea31fa723e1763006d9edc1aa96b3ac2f4
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
17394168117f1c91d7c53b8fafe2a7aee6ba438e3bb423a5f6bc9fb278a8fadb
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1978a4ee69da239598bb125337b800e269f623839719a7da45e7f7cf2ba1a9bd
25fdca532a9bb28d01740133d6394ac8044ebad6ba3d4c264bd6e84491601dcc
287aebfc51e58cd0bfa70fa29641686f8169a6a491e1b4694df634c086ab9fe1
2ebbd79e37ed1535afb955d5f0cb83751886adb562c2bb904aa327c78ff63ef8
31420e950e331acc9a10c4f758b0f560c5f08df2a1dc76e20f90ccd7bb75953e
329059d559fdef07b7854e9550433cf721a2301c3279b96d5c04f32477fbb63b
43d03113c0aec91f1c9446fe1887a74461f8a2a3aef4d2e30113f15a7d94a36d
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
5207a81a427f98c1717bc6c2c1a31a783d3b4e1105bc9cf5559bf6178314e543
53b1e4b6799aa648960345ee40c4824edf0aa9f253c3cdfc6b4ddb3251f9c071
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223
5c69c084a448c3a9bf38acccb3b13de079aa5d06202aec2659a1a0e19d4e43f1
6f770c2c7a62aadbfad799c9acf1e1df928a3c080a107bee44a1d75e9b336831
6fc2091802916fff06a360ed71d44051838cafb35ba6e7f7d04c5fc74b7a2f5a
71191f78ac9bd2f860c3e337f03ace73ff32a309cc5bbfa8f6e0c042dd4ed153
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
746080179d45e3d2003c30f50968458d4b3189fa90538292184147cb1909056c
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
830163b6fd5837208a053184f72bf0ce600c13f3f1fb46953549d47e61583a4e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839b41dd475d143b31c479aa6e666b8deb648b293ee93e67071222960f2b75cc
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
8532d9187eca47ce982ccb2eae3218cbb950ef0e8f90c1e5be56b85bd217f3a9
8674f10bfd01ef94092c31dc320d2acbd084708dd5cc01c3fbe8c998e8854477
8b6692af082629a1b385e97a33fb2db8a5b456459681c80fd5bcf3e2f0710ac7
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a907fb1401120b17ca46b1388f37c8a74b53165e1906c9cb0b8fe791305662e7
b06189065442cec6ba909a2c1da2d22389810550024fe76260cf2a5b793021b2
b1bf4d31a2dcd58fe6c91bcc8647c822f738940150c615038e5135a97ce237d5
bc71c9c5806d6dcda00d021ac3010bb0456e55cf3124c58b5e043e0440ab843a
bf51e464dfcfb2e718f5c008ab3f725d6e32102fe6d1d60adc97aab1c3116a57
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c59a91ff2c6aea1c893cb7cd93ea2a23a79475be1b0cf03779642ad6417de8da
c73662e53642660534e0a3ed1d3f2aeb97e28a751579f48180d4c47f04ad57cb
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
ca8c94cd743b6c38b31c1ae39f86d7f8bf57ffcf54ed165ba0ec691e1c4b92b8
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
da1c7b8f53e394ad959da2045a17394a2e5905d4e72820647ce20cf781ca78ba
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
df96e9354d58435f00dc90d0bae41f547b4d496730ee88e0c11137c2484f08f6
e002c2cd45eaad5c8bbf3d77bd4ef78dfef1c806a10d9e7c704f8878939cde39
e092391ed10e12a8fbf58ed07813ae5a6974a0525b53bfb0df4e6d504b0e9620
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14b53a09c7b641d3bc4ea4bca3df87a5c2b9731759e3c3dd8f61d1cfddb285d

www.activesearchresults.com Open in urlscan Pro 108.36.145.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

100 %HTTPS

75 %IPv6

9 Domains

17 Subdomains

20 IPs

2 Countries

748 kBTransfer

1787 kBSize

11 Cookies

3 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.activesearchresults.com Open in urlscan Pro
108.36.145.223 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

100 %
HTTPS

75 %
IPv6

9
Domains

17
Subdomains

20
IPs

2
Countries

748 kB
Transfer

1787 kB
Size

11
Cookies

80 HTTP transactions
3 data transactions