urlscan.io logo urlscan.io
SecurityTrails logo

centre973456-628c1.gr8.com Open in urlscan Pro
104.160.64.15  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://imsva91-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2furi.im%2f14wz&umid=B46357A7-D298-2705-BE49-83A5EA2621B1...
Effective URL: https://centre973456-628c1.gr8.com/
Submission: On December 08 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 14 domains to perform 62 HTTP transactions. The main IP is 104.160.64.15, located in United States and belongs to GETRESPONSE-IMPLIX, US. The main domain is centre973456-628c1.gr8.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on August 9th 2021. Valid for: a year.
This is the only time centre973456-628c1.gr8.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    44.235.145.147 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-145-147.us-west-2.compute.amazonaws.com
imsva91-ctp.trendmicro.com
1    2606:4700:3031::6815:11c9 (United States)

ASN13335 (CLOUDFLARENET, US)
uri.im
14    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
www.googletagservices.com
10    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.fr
1    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
12    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    104.160.64.15 (United States)

ASN46469 (GETRESPONSE-IMPLIX, US)
PTR: norevdns.getresponse.com
centre973456-628c1.gr8.com
4    205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
us-as.gr-cdn.com
2    104.160.64.77 (United States)

ASN46469 (GETRESPONSE-IMPLIX, US)
PTR: norevdns.getresponse.com
ga.getresponse.com
5    205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
us-ms.gr-cdn.com
us-as.gr-cdn.com
2    34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
Domain Requested by
12 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
10 pagead2.googlesyndication.com uri.im
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
uri.im
googleads.g.doubleclick.net
7 us-as.gr-cdn.com centre973456-628c1.gr8.com
3 www.google.com 2 redirects tpc.googlesyndication.com
3 www.gstatic.com googleads.g.doubleclick.net
2 dev.visualwebsiteoptimizer.com centre973456-628c1.gr8.com
2 us-ms.gr-cdn.com centre973456-628c1.gr8.com
2 ga.getresponse.com centre973456-628c1.gr8.com
ga.getresponse.com
2 centre973456-628c1.gr8.com us-as.gr-cdn.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.fr pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 uri.im
1 imsva91-ctp.trendmicro.com 1 redirects
0 sentry.int.getresponse.com Failed us-as.gr-cdn.com
62 18

This site contains links to these domains. Also see Links.

Domain
ct53349.tmweb.ru
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-25 -
2022-06-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gr8.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-08-09 -
2022-08-29		 a year crt.sh
*.gr-cdn.com
Go Daddy Secure Certificate Authority - G2		 2021-03-17 -
2022-04-10		 a year crt.sh
*.getresponse.com
Go Daddy Secure Certificate Authority - G2		 2021-03-17 -
2022-04-11		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2020-06-19 -
2022-07-06		 2 years crt.sh

This page contains 12 frames:

Primary Page: https://centre973456-628c1.gr8.com/
Frame ID: 1ABAE2DA71C4028DAC2C406D197BC4C0
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20190131/zrt_lookup.html
Frame ID: E33523BA489C0A8BC53B41E93A1EC196
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675831896759698&output=html&adk=1812271804&adf=3025194257&lmt=1638953495&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Furi.im%2F14wz&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638953495072&bpp=4&bdt=198&idt=102&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7996871116023&frm=20&pv=2&ga_vid=768407836.1638953495&ga_sid=1638953495&ga_hid=653364972&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750774&oid=2&pvsid=453550756559129&pem=251&tmod=684998985&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=113
Frame ID: ADBC42D11B269E38E9303D78CE4E63B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4EB34930CB52EA8779C6E3366C652904
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7591E643C9F0097A30E52ADDB5F40B14
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 93B8B1C5989440E693D38BD497198603
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1EE4F259FA63D9F3D81E95A1AAB3B4E0
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Frame ID: B8FF0C513A2537ED50C8402DE41E2451
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8122509FA23B5BD8EA1C4626A7482D37
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Frame ID: 214C49964843D24397B0D524C4FD1FA8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8580A54DA184BC6FFAC4D5853A463903
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E046E3643FCAEB6E6018003D840E98FB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

centre-ct

Page URL History Show full URLs

  1. https://imsva91-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2furi.im%2f14wz&umid=B46357A7-D298-27... HTTP 302
    https://uri.im/14wz Page URL
  2. https://centre973456-628c1.gr8.com/ Page URL

Page Statistics

62
Requests

97 %
HTTPS

53 %
IPv6

14
Domains

18
Subdomains

15
IPs

2
Countries

1055 kB
Transfer

3247 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://imsva91-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2furi.im%2f14wz&umid=B46357A7-D298-2705-BE49-83A5EA2621B1&auth=b2e75a85dac1d6c2329f45d980d65bc87d967b19-b9a9ffe5d113a4bb2df1b2367a585e533aca0a57 HTTP 302
    https://uri.im/14wz Page URL
  2. https://centre973456-628c1.gr8.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://imsva91-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2furi.im%2f14wz&umid=B46357A7-D298-2705-BE49-83A5EA2621B1&auth=b2e75a85dac1d6c2329f45d980d65bc87d967b19-b9a9ffe5d113a4bb2df1b2367a585e533aca0a57 HTTP 302
  • https://uri.im/14wz
Request Chain 33
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 36
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
14wz
uri.im/
Redirect Chain
  • https://imsva91-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2furi.im%2f14wz&umid=B46357A7-D298-2705-BE49-83A5EA2621B1&auth=b2e75a85dac1d6c2329f45d980d65bc87d967b19-b9a9ffe5d113a4bb2df...
  • https://uri.im/14wz
460 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uri.im/14wz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:11c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
572a275bf3f0b9812c240db044f288b6ad76eff49f59d12f3da17ae3aa5b6da8
Security Headers
Name Value
X-Frame-Options ALLOW-FROM *

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

date
Wed, 08 Dec 2021 08:51:34 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache
x-frame-options
ALLOW-FROM *
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npmiLYw6f9q0CQ7NFKz8HFrN3M4zjvMb8McAj290fwtHlehc7dFyyDzaWwthlFo%2FAuWzblEeIVEuUQPvqbVkgw0SwMnZoRrfUi42fjo%2F9qjxtQdJmuUToGDK7XMMYAofq%2BD5Aps%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ba4c0ad9ccb3745-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Wed, 08 Dec 2021 08:51:34 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://uri.im/14wz
server
nginx/1.12.1
access-control-allow-origin
*
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: uri.im
URL: https://uri.im/14wz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2ab6485c38a958c46e20b2e82b3ed706360cc7f5e225f572f9c8076cdafe1a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51962
x-xss-protection
0
server
cafe
etag
9166977378153732534
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Dec 2021 08:51:34 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/ 		273 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3675831896759698&plah=uri.im
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bee66939a28b171f1be2c2a85e47385d01a1c36e35a1304314c2990ae797a323
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:51:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100886
x-xss-protection
0
server
cafe
etag
16349780436827152698
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 08 Dec 2021 08:51:35 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211206/r20190131/ Frame E335 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211206/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 07 Dec 2021 19:03:43 GMT
expires
Tue, 21 Dec 2021 19:03:43 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
49672
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		210 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=uri.im&callback=_gfp_s_&client=ca-pub-3675831896759698
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3675831896759698&plah=uri.im
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
b3df8b70eb65dbe548f6d30f514f50d4622070a4ac3e2474254f121428c64705
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:51:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.fr/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=uri.im
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3675831896759698&plah=uri.im
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Dec 2021 08:51:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=uri.im
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3675831896759698&plah=uri.im
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Dec 2021 08:51:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame ADBC 		248 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3675831896759698&output=html&adk=1812271804&adf=3025194257&lmt=1638953495&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Furi.im%2F14wz&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638953495072&bpp=4&bdt=198&idt=102&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7996871116023&frm=20&pv=2&ga_vid=768407836.1638953495&ga_sid=1638953495&ga_hid=653364972&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750774&oid=2&pvsid=453550756559129&pem=251&tmod=684998985&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=113
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3675831896759698&plah=uri.im
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
674ad8a5d87b5cbfa2ce05c367344d52e8918df7745aa268680ca73f4206a883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 08 Dec 2021 08:51:35 GMT
server
cafe
content-length
62964
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 08 Dec 2021 08:51:35 GMT
cache-control
private
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/ 		148 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3675831896759698&plah=uri.im
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc8aa3110e648a5a2f5e54529755fb6d50758268746bde1f1354aed04cc8d06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:51:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53782
x-xss-protection
0
server
cafe
etag
15922008689686919708
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Dec 2021 08:51:35 GMT
integrator.js
adservice.google.fr/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=uri.im
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3675831896759698&plah=uri.im
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Dec 2021 08:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=uri.im
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3675831896759698&plah=uri.im
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Dec 2021 08:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/ Frame 4EB3 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3675831896759698&plah=uri.im
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 07 Dec 2021 19:20:22 GMT
expires
Tue, 21 Dec 2021 19:20:22 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
48673
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/ Frame 7591 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3675831896759698&plah=uri.im
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 07 Dec 2021 19:20:22 GMT
expires
Tue, 21 Dec 2021 19:20:22 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
48674
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ Frame 4EB3 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 07:37:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 08 Dec 2021 08:51:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Dec 2021 08:51:36 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4EB3 		205 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 18:04:37 GMT
x-content-type-options
nosniff
age
53219
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 07 Dec 2022 18:04:37 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4EB3 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 18:06:12 GMT
x-content-type-options
nosniff
age
53124
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 07 Dec 2022 18:06:12 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/elements/html/ Frame 4EB3 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
860a2d1e52b3c209d9e566a7962296196eb7800255520c48f88ed898c19e5549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8337
x-xss-protection
0
server
cafe
etag
2041019696210882227
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 08:42:22 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7591 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CpnQqF3KwYarND9Tvtwejz4DQC7nOyu1m_eT48_kO-p3coNQBEAEgz4S2CmD7gYCAiArIAQOpAvaS7zOC8bI-qAMByAPJBKoEuQFP0K-2iOpMPcsFl7qRUxuIRi5-8dbWDjVUYkA2mi1tvWuMrelYph0D5e7XSL6SUx0Exent0y-pmqhYs54D_sVgP0M7EcQPnFNkRYGHOCJrnDG0YHKosR9-wuUm6dahQrhiF4nL-Q8CHpEQ7-44i9xH9anhAOaKS_20t-uPYHB8JSjJ5P9EAzQk1-HNUQb0e9y9L57R6wbNdLZsZs-m9P4M-4kSkHNcd2jOXQEhKmkdirXbrjUm8jaIB8AElcOwn9EDkgUECAQYAZIFBAgFGASgBgOAB4um0nyoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDC4gTSCAkIgOGAEBABGB-ACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItMzY3NTgzMTg5Njc1OTY5OBgA&sigh=SeRxVPZFPEk&uach_m=[UACH]
Requested by
Host: uri.im
URL: https://uri.im/14wz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 08 Dec 2021 08:51:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 08 Dec 2021 08:51:36 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/ Frame 7591 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd429ca4b699add93c19c2731a22a489a5a5d6d1d01445d337f8c89c8ca6eb2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:44:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
444
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7866
x-xss-protection
0
server
cafe
etag
5920091025124701355
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 08:44:12 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 7591 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:32:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 08:32:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7591 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Dec 2021 08:51:36 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 7591 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28277814cf8060f9fe40684129799beca6dc209f3b04c72ccde70b93c6c5c15b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
845
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6455
x-xss-protection
0
server
cafe
etag
3508882476506594800
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 08:37:31 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 7591 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
963c8078bf539ed77cedb3069b1c40cabd089543c09b429b7007fc06cbeac978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 18:44:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
server
cafe
etag
810747636693205972
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Dec 2021 18:44:43 GMT
3716479552651818392
tpc.googlesyndication.com/simgad/ Frame 7591 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3716479552651818392
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81bfdde974a180fbfb155ba3f1b441906e10acff2ebd24c63a051467e9cd4dff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 10:16:46 GMT
x-content-type-options
nosniff
age
599690
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24895
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 12:57:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 01 Dec 2022 10:16:46 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 93B8 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 08 Dec 2021 07:58:32 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3184
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 7591 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4bf396ffceceed2aea6e67844a22f5f95d2b595fcf1a4c7a792babdfec29ed6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 1EE4 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 07:41:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 08 Dec 2021 08:51:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Dec 2021 08:51:36 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 1EE4 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 08:50:54 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/ Frame 1EE4 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd429ca4b699add93c19c2731a22a489a5a5d6d1d01445d337f8c89c8ca6eb2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:44:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
444
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7866
x-xss-protection
0
server
cafe
etag
5920091025124701355
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 08:44:12 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 1EE4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:36:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 08:36:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1EE4 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Dec 2021 08:51:36 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 1EE4 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28277814cf8060f9fe40684129799beca6dc209f3b04c72ccde70b93c6c5c15b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:43:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6455
x-xss-protection
0
server
cafe
etag
3508882476506594800
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 08:43:49 GMT
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame 1EE4 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 19:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49486
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 19:06:50 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 93B8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 08 Dec 2021 08:51:36 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 08 Dec 2021 08:51:36 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 08 Dec 2021 08:51:36 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
pagead2.googlesyndication.com/bg/ Frame B8FF 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 07:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
4797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13548
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Dec 2022 07:31:39 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8122 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 08 Dec 2021 07:58:32 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3184
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8122
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 08 Dec 2021 08:51:36 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 08 Dec 2021 08:51:36 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 08 Dec 2021 08:51:36 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
pagead2.googlesyndication.com/bg/ Frame 214C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Requested by
Host: uri.im
URL: https://uri.im/14wz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 07:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
4797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13548
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Dec 2022 07:31:39 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211206&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3675831896759698&plah=uri.im
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a29b326beec9df8a31acdc3a5fd57ec4e3b4999f07310e2fe0f2281ec3664ee8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Dec 2021 08:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8432
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3675831896759698&plah=uri.im
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Wed, 08 Dec 2021 08:51:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8580 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Wed, 08 Dec 2021 08:32:03 GMT
expires
Thu, 08 Dec 2022 08:32:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1173
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E046 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9251f46adc2c1a3e11c4ba70ef1e25e0e260370f228604bb07589d4083aa4f04
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EruSftbnS6a9feJo3xNJPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 08 Dec 2021 08:51:37 GMT
date
Wed, 08 Dec 2021 08:51:37 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-EruSftbnS6a9feJo3xNJPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
pagead2.googlesyndication.com/bg/ Frame 8580 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 07:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
4798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13548
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Dec 2022 07:31:39 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E046 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211206&jk=453550756559129&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211206&jk=453550756559129&bg=!SEulSw_NAAaQHwIOkB87ACkAdvg8WncAw3LNkpBRpsHRxup0P3_ZYOj_1uWIN83jmEKX7IDsBsbvXwIAAABhUgAAAAtoAQcKACoa-JdWKmDWvhNh49tE3jHgav480HC_Wx-tUdT4zR0axHDgpAEqdNB5hgaZAqYUva7dx8m8Cu-GD1zWtBwM1ru5ruhIgUB7GzffrUIgJSaed_VOZ_PyCUvy65pZJ1rp2hZYJIEd6h2CUP6pygbw-2kC2Eo7wSjwIP9sGlSo37gw4KG7hIiDs3yeLobzGsjcQwChsqDZQLEsvwGs7EL51R99_63QZZ-qG3VgnkTKHPdjokcZ0YObv_kZsv08mBQxrng4wVmKustKX0uQrqrmCi8v8e53OTfelTjXFE3iOr1-R97XQi-YuRd8yrVTtr5bIkNFJpfAIrB-C4vMTUaPVmEaOJufRiFhHbZ3R16LKo2znzUNqiohr8PJpFr2Ar8SAggx2msGTxjnZy2STrHV0C19HPEnHuo1LTyKmxGxNFFXn9SsQy6yLQBSjNz9_LLKvE4T9r3htNVdGE0d2KS6zbGyUMtnHnljIu9UXpqy644EJqC2DsTz_sxAZw9iVzmPg5NsU5zffPnNEYfGQaHEVRECCoRaCPI7zwQIo0DaZZQip3-KuwUr8G-ONXUYgZMVcLMYNbBXqNsi3scn5dYtQnXHGZZkW59IldGB2oaftyL507dWtXU1XqTL1Cq6AOZo9Ois948x4RTYz9Bob97pwjAZhUL_p6_t1H_1hJkprQPOc4OWYUuQ7o6bAagGjiyAy1zyGDXvJpNfc3DA0aIKmwTw_jusxgStnoEajYLIJ6uFuH-K_-zlMUiqNTA36BRbAPTCbA6WomBpjliKatMSmxrlQ8Id4Za1WUu0LjS9elmq7ix8Sbrd8M9O7xI3JapMDwhhSJMj5-ilNnA1dxBnK7o9bOAln7SmPV6Rp3Al1KrV7IrkO8WNRvc9oROt428oQWX1Hq8SMc4_ceSsGoPPvqszwZQsGgunfkPMXZ2JQdcHdMJurxEwDgOUfMryYz4FSOr8q-E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Dec 2021 08:51:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7591 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaFxx-NCldsnyajvbhZChHrhiU6Wul_km4iHdEqgkJiWiHijP7WTf3LDJ1S0jxsYr-n_zPA7dY8zJuBeXlD1z96iN2fJXIZ6JWibef&sai=AMfl-YQLbEdcWwfwYHGMRKMAxr5Y2uHmLZFOfG3lER2j9DPMdB5CgrafPJF8rOeQC_2Fe65RxxYbzQ1bwJ0A&sig=Cg0ArKJSzEnupPXbiZoyEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=84,767,1000,1117,1177&tos=84,683,233,117,60&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638953495987&rpt=194&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Dec 2021 08:51:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request /
centre973456-628c1.gr8.com/ 		35 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://centre973456-628c1.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.15 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
norevdns.getresponse.com
Software
nginx /
Resource Hash
4910c65a41f5053ed572ae2a0270347c28bbe88f055bec3f4290fe7b8c296be7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://uri.im/

Response headers

server
nginx
date
Wed, 08 Dec 2021 08:51:37 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-encoding
gzip
activeview
pagead2.googlesyndication.com/pcs/ Frame 7591 		0
0
reset-styles.1e902265369962611575.css
us-as.gr-cdn.com/javascripts/core/lps/dist/ 		925 B
629 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/reset-styles.1e902265369962611575.css
Requested by
Host: centre973456-628c1.gr8.com
URL: https://centre973456-628c1.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1ce5f3fe604178444613f80a6398d8c55abe621d453b1241b575194023466396
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://centre973456-628c1.gr8.com/
Origin
https://centre973456-628c1.gr8.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:51:38 GMT
content-encoding
gzip
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
etag
W/"1dc09d84-39d"
strict-transport-security
max-age=63072000; includeSubDomains
x-hw
1638953498.dop225.lo4.t,1638953498.cds072.lo4.hn,1638953498.cds044.lo4.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
501
core-styles.2cab1c972cf73408d695.css
us-as.gr-cdn.com/javascripts/core/lps/dist/ 		26 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/core-styles.2cab1c972cf73408d695.css
Requested by
Host: centre973456-628c1.gr8.com
URL: https://centre973456-628c1.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1c1594980fc5fbb5b764a70b6089aa62f4a707a90854aa8aaad3919bab8e0420
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://centre973456-628c1.gr8.com/
Origin
https://centre973456-628c1.gr8.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:51:38 GMT
content-encoding
gzip
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
etag
W/"1dc09d84-6914"
strict-transport-security
max-age=63072000; includeSubDomains
x-hw
1638953498.dop225.lo4.t,1638953498.cds072.lo4.hn,1638953498.cds204.lo4.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
6977
webform-styles.3853fa1d8f3990b6552f.css
us-as.gr-cdn.com/javascripts/core/lps/dist/ 		30 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/webform-styles.3853fa1d8f3990b6552f.css
Requested by
Host: centre973456-628c1.gr8.com
URL: https://centre973456-628c1.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
a2341f0c10a1148de06a683576e211460a1c12680fd4a88fb27eafdc57f3bbc9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://centre973456-628c1.gr8.com/
Origin
https://centre973456-628c1.gr8.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:51:38 GMT
content-encoding
gzip
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
etag
W/"1dc09d84-7956"
strict-transport-security
max-age=63072000; includeSubDomains
x-hw
1638953498.dop225.lo4.t,1638953498.cds072.lo4.hn,1638953498.cds044.lo4.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4697
style.css
us-as.gr-cdn.com/images/common/templates/landing/208/1/css/ 		3 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us-as.gr-cdn.com/images/common/templates/landing/208/1/css/style.css
Requested by
Host: centre973456-628c1.gr8.com
URL: https://centre973456-628c1.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f21ce6d3c4d05c159ecf44188bfaeb4ff5eb1c5bf445d829df0d846c5fc8affc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://centre973456-628c1.gr8.com/
Origin
https://centre973456-628c1.gr8.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:51:38 GMT
content-encoding
gzip
last-modified
Fri, 01 Oct 2021 09:26:39 GMT
etag
"6156d44f-dd1"
strict-transport-security
max-age=63072000; includeSubDomains
x-hw
1638953498.dop225.lo4.t,1638953498.cds072.lo4.hn,1638953498.cds273.lo4.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400, public
server-timing
dtSInfo;desc="1"
accept-ranges
bytes
content-length
730
ga.js
ga.getresponse.com/script/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ga.getresponse.com/script/ga.js?grid=sBDcBX0RfdXgIA3A%3D
Requested by
Host: centre973456-628c1.gr8.com
URL: https://centre973456-628c1.gr8.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.77 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
norevdns.getresponse.com
Software
/
Resource Hash
5be8fc638bca4ff6f2316dbf8d0ee49b0c8bb9d60a64c357522334671760d044

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://centre973456-628c1.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 08:51:38 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
application/javascript
25a66396-aaf8-4769-8f03-be3ed24dee50.jpeg
us-ms.gr-cdn.com/getresponse-QJFfb/photos/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-ms.gr-cdn.com/getresponse-QJFfb/photos/25a66396-aaf8-4769-8f03-be3ed24dee50.jpeg
Requested by
Host: centre973456-628c1.gr8.com
URL: https://centre973456-628c1.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
39502f0611ace796625cf60ee4b4ff69e0c19ac3f9828da39d39a54e2ee0f0fb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://centre973456-628c1.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:51:38 GMT
x-content-type-options
nosniff
x-amz-version-id
e2MKQSF9LjWZrY51FpR0AiX2BQR0KbI0
content-security-policy-report-only
default-src 'self'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://index-log.getresponse.com/index/marketing_csp?source=multimedia-gr
content-length
55387
x-amz-id-2
bWi/i67g7ib2XWixpTUP8VFmMlR6bg55o8zXbPSsSwzezso84M8c2xhSpkV4zgF+/Kx6TSEGu1o=
timing-allow-origin
*
last-modified
Tue, 07 Dec 2021 08:48:42 GMT
x-frame-options
DENY
etag
"47b6074d597f6859980f0e3a1f800b33"
strict-transport-security
max-age=63072000; includeSubDomains
x-hw
1638953498.dop230.fr8.t,1638953498.cds202.fr8.hn,1638953498.cds154.fr8.c
content-type
image/jpeg
cache-control
max-age=31469192
accept-ranges
bytes
x-robots-tag
noindex, nofollow
75c9f9c4-59e6-4b4b-a09d-03227f0dfa0e.png
us-ms.gr-cdn.com/getresponse-QJFfb/photos/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-ms.gr-cdn.com/getresponse-QJFfb/photos/75c9f9c4-59e6-4b4b-a09d-03227f0dfa0e.png
Requested by
Host: centre973456-628c1.gr8.com
URL: https://centre973456-628c1.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
55b24951716e218cd4bce068f27f732df7bf525370ddbc275ec6dd12351354bd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://centre973456-628c1.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:51:38 GMT
x-content-type-options
nosniff
x-amz-version-id
d2xenGz6w2WnJg2fd2n6EKrQem4MAGxc
content-security-policy-report-only
default-src 'self'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://index-log.getresponse.com/index/marketing_csp?source=multimedia-gr
content-length
34387
x-amz-id-2
f4S35K6Iwn66aIRlKWbi7PqvxjcsWn/jEekfA+sQuV9MqGm0w9gxnnveVXl5H44xSkDA1izXWwI=
timing-allow-origin
*
last-modified
Tue, 07 Dec 2021 08:24:40 GMT
x-frame-options
DENY
etag
"6e9c928f7d4f2cdd1473021bb4618d9c"
strict-transport-security
max-age=63072000; includeSubDomains
x-hw
1638953498.dop230.fr8.t,1638953498.cds202.fr8.hn,1638953498.cds004.fr8.c
content-type
image/png
cache-control
max-age=31469192
accept-ranges
bytes
x-robots-tag
noindex, nofollow
manifest.55a0d1ac356ab8a86275.js
us-as.gr-cdn.com/javascripts/core/lps/dist/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/manifest.55a0d1ac356ab8a86275.js
Requested by
Host: centre973456-628c1.gr8.com
URL: https://centre973456-628c1.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4386bffa5590f81d2dc467d433d338f3a98699889a9b7db311644deb24a74b81
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://centre973456-628c1.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:51:38 GMT
content-encoding
gzip
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
etag
W/"1dc09d84-1435"
strict-transport-security
max-age=63072000; includeSubDomains
x-hw
1638953498.dop230.fr8.t,1638953498.cds202.fr8.hn,1638953498.cds238.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2419
vendor.chunk.d4e5dc32bd038882ca6b.js
us-as.gr-cdn.com/javascripts/core/lps/dist/ 		680 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/vendor.chunk.d4e5dc32bd038882ca6b.js
Requested by
Host: centre973456-628c1.gr8.com
URL: https://centre973456-628c1.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
9c61b98bd34e708ea324effefb5dfc87264be6cd160f1beec7146b508029155c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://centre973456-628c1.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:51:38 GMT
content-encoding
gzip
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
etag
W/"1dc09d84-aa1e0"
strict-transport-security
max-age=63072000; includeSubDomains
x-hw
1638953498.dop230.fr8.t,1638953498.cds202.fr8.hn,1638953498.cds051.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
191661
show.chunk.2a113bbc2514ac772b04.js
us-as.gr-cdn.com/javascripts/core/lps/dist/ 		956 KB
242 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.chunk.2a113bbc2514ac772b04.js
Requested by
Host: centre973456-628c1.gr8.com
URL: https://centre973456-628c1.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e545094ced520a47a23cb7c0e15c3e0b8d7d0dbf7edaec75f3342bb92c482893
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://centre973456-628c1.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:51:38 GMT
content-encoding
gzip
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
etag
W/"1dc09d84-eefbf"
strict-transport-security
max-age=63072000; includeSubDomains
x-hw
1638953498.dop230.fr8.t,1638953498.cds202.fr8.hn,1638953498.cds261.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
247990
j.php
dev.visualwebsiteoptimizer.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=4859&amp;u=https%3A%2F%2Fcentre973456-628c1.gr8.com%2F&amp;r=0.17976494549465238
Requested by
Host: centre973456-628c1.gr8.com
URL: https://centre973456-628c1.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gbel1 /
Resource Hash
5bca10f0baf16a48169ed1bbd249bc6ee3a760666cf0ad1398d5b957652343cf

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://centre973456-628c1.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Dec 2021 08:51:38 GMT
via
1.1 google
server
gbel1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=4859&d=centre973456-628c1.gr8.com&u=DEADF8B2A0A539F2B4804819DEFFD5447&h=c37e420c8c7da8351970c90f2b638bfa&t=false&r=0.5511504842029966
Requested by
Host: centre973456-628c1.gr8.com
URL: https://centre973456-628c1.gr8.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://centre973456-628c1.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Dec 2021 08:51:37 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
index.php
ga.getresponse.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ga.getresponse.com/index.php?ver=3&urlRef=https%3A%2F%2Furi.im%2F&url=https%3A%2F%2Fcentre973456-628c1.gr8.com%2F&uid=%7B%22uuid%22%3A%228356fdc9-01bc-41b2-b7d0-fbcf2304671f%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%7D&_cvar=%7B%221%22%3A%5B%22grid%22%2C%22sBDcBX0RfdXgIA3A%3D%22%5D%7D&h=8&m=51&s=38&res=1600x1200&gt_ms=221
Requested by
Host: ga.getresponse.com
URL: https://ga.getresponse.com/script/ga.js?grid=sBDcBX0RfdXgIA3A%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.77 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
norevdns.getresponse.com
Software
/
Resource Hash

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://centre973456-628c1.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 08:51:38 GMT
Content-Type
text/html;charset=UTF-8
/
sentry.int.getresponse.com/api/229/envelope/ 		0
0
/
centre973456-628c1.gr8.com/ 		0
894 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://centre973456-628c1.gr8.com/
Requested by
Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.chunk.2a113bbc2514ac772b04.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.15 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
norevdns.getresponse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://centre973456-628c1.gr8.com/
X-Requested-With
XMLHttpRequest
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 08 Dec 2021 08:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-frame-options
sameorigin
content-type
application/json
cache-control
no-store, no-cache, must-revalidate
feature-policy
accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
strict-transport-security
max-age=31536000
csrf-token
207bf38d-b3b3-4cab-b5a8-d37ce9b4e677
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
expires
Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaFxx-NCldsnyajvbhZChHrhiU6Wul_km4iHdEqgkJiWiHijP7WTf3LDJ1S0jxsYr-n_zPA7dY8zJuBeXlD1z96iN2fJXIZ6JWibef&sai=AMfl-YQLbEdcWwfwYHGMRKMAxr5Y2uHmLZFOfG3lER2j9DPMdB5CgrafPJF8rOeQC_2Fe65RxxYbzQ1bwJ0A&sig=Cg0ArKJSzEnupPXbiZoyEAE&id=lidartos&mcvt=1645&p=0,0,124,1005&mtos=728,1412,1645,1761,1821&tos=728,684,233,116,60&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=u&rst=1638953495987&rpt=194&ec=0&met=mue&wmsd=0
Domain
sentry.int.getresponse.com
URL
https://sentry.int.getresponse.com/api/229/envelope/?sentry_key=d3b7043693de4d2f8b9eb6d463c4e0a5&sentry_version=7

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _vwo_code number| settings_timer number| _vwo_settings_timer object| grLpsInitialData undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue function| gaSetUserId function| gaPush object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery object| Backbone function| _ object| __SENTRY__ object| socialButtonsStorage

11 Cookies

Domain/Path Name / Value
uri.im/ Name: XSRF-TOKEN
Value: eyJpdiI6ImRFa0lCZG8xU2QzeDRjdWZMRkFrd3c9PSIsInZhbHVlIjoiM2s0QTJ2Smc4bkllc3RPTGg2SG1yTWtBOTlTTWcwNXpuMVB3WWJHM3I1cnhVNUVKalZ3enIzK1wvcDB0NzU0M0tMTnRtbm5lcFM4cFNBaTZ0UjIwTWFRPT0iLCJtYWMiOiIyODY0OTY3ZTIzMzRmN2U0ZDk0ODEwNzdmNWNkYjYyMGU0OWE0ZjcwMTVjNjVhZmE5ODFlNzdlMDEyMGJmNTBlIn0%3D
uri.im/ Name: laravel_session
Value: eyJpdiI6IldYdEJKXC9EZmtyZ0NIWWZFeUtvWHpnPT0iLCJ2YWx1ZSI6IldSV2lvQ0NZb2Q4S0tqTjNhbWc1c3FuZUlibjlhZTVXUlBGYVpuOG5vbVZqMXN2Z3dmM2tjYmVsUWlqWmY1UTNjZFpEdVpxbHlCTkxLK2pHdHM5TENnPT0iLCJtYWMiOiI5MTYwZmIzYWYyYjNmYWU3MDFkYjZlY2ExMDdkNjdjMTI0ZGYzZjY1ZTJkZWQ0ZTMyZWI3NzEwNTRiYjYwNzVmIn0%3D
.uri.im/ Name: __gads
Value: ID=4401de05078a9010-2208223046cc008f:T=1638953495:RT=1638953495:S=ALNI_MYUxEbpmX3kd04ELR-MtXMliwtzCg
.doubleclick.net/ Name: IDE
Value: AHWqTUlSJQRGlh70e8BT_qeQK1wKEEry4PJcULVrAsxAcmYyMudoJQ9pN0vM78MqgEc
.doubleclick.net/ Name: DSID
Value: NO_DATA
centre973456-628c1.gr8.com/ Name: squeeze-page
Value: 1k79bghqp7h97mjjhsj05lhtej
centre973456-628c1.gr8.com/ Name: Skp2V[variantVersion]
Value: 0
.centre973456-628c1.gr8.com/ Name: _vwo_uuid_v2
Value: DEADF8B2A0A539F2B4804819DEFFD5447|c37e420c8c7da8351970c90f2b638bfa
centre973456-628c1.gr8.com/ Name: gaVisitorUuid
Value: 8356fdc9-01bc-41b2-b7d0-fbcf2304671f
centre973456-628c1.gr8.com/ Name: Skp2V[visit]
Value: h0SFg
centre973456-628c1.gr8.com/ Name: Skp2V[uniqueVisit]
Value: h0SFg

2 Console Messages

Source Level URL
Text
javascript error URL: https://centre973456-628c1.gr8.com/
Message:
Access to fetch at 'https://sentry.int.getresponse.com/api/229/envelope/?sentry_key=d3b7043693de4d2f8b9eb6d463c4e0a5&sentry_version=7' from origin 'https://centre973456-628c1.gr8.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://sentry.int.getresponse.com/api/229/envelope/?sentry_key=d3b7043693de4d2f8b9eb6d463c4e0a5&sentry_version=7
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options ALLOW-FROM *

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
centre973456-628c1.gr8.com
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
ga.getresponse.com
googleads.g.doubleclick.net
imsva91-ctp.trendmicro.com
pagead2.googlesyndication.com
partner.googleadservices.com
sentry.int.getresponse.com
tpc.googlesyndication.com
uri.im
us-as.gr-cdn.com
us-ms.gr-cdn.com
www.google.com
www.googletagservices.com
www.gstatic.com
pagead2.googlesyndication.com
sentry.int.getresponse.com
104.160.64.15
104.160.64.77
205.185.216.10
205.185.216.42
216.58.212.130
2606:4700:3031::6815:11c9
2a00:1450:4001:801::2001
2a00:1450:4001:808::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
34.96.102.137
44.235.145.147
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c1594980fc5fbb5b764a70b6089aa62f4a707a90854aa8aaad3919bab8e0420
1ce5f3fe604178444613f80a6398d8c55abe621d453b1241b575194023466396
28277814cf8060f9fe40684129799beca6dc209f3b04c72ccde70b93c6c5c15b
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
39502f0611ace796625cf60ee4b4ff69e0c19ac3f9828da39d39a54e2ee0f0fb
4386bffa5590f81d2dc467d433d338f3a98699889a9b7db311644deb24a74b81
4910c65a41f5053ed572ae2a0270347c28bbe88f055bec3f4290fe7b8c296be7
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b24951716e218cd4bce068f27f732df7bf525370ddbc275ec6dd12351354bd
572a275bf3f0b9812c240db044f288b6ad76eff49f59d12f3da17ae3aa5b6da8
5bca10f0baf16a48169ed1bbd249bc6ee3a760666cf0ad1398d5b957652343cf
5be8fc638bca4ff6f2316dbf8d0ee49b0c8bb9d60a64c357522334671760d044
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
674ad8a5d87b5cbfa2ce05c367344d52e8918df7745aa268680ca73f4206a883
81bfdde974a180fbfb155ba3f1b441906e10acff2ebd24c63a051467e9cd4dff
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
860a2d1e52b3c209d9e566a7962296196eb7800255520c48f88ed898c19e5549
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
9251f46adc2c1a3e11c4ba70ef1e25e0e260370f228604bb07589d4083aa4f04
963c8078bf539ed77cedb3069b1c40cabd089543c09b429b7007fc06cbeac978
9c61b98bd34e708ea324effefb5dfc87264be6cd160f1beec7146b508029155c
a2341f0c10a1148de06a683576e211460a1c12680fd4a88fb27eafdc57f3bbc9
a29b326beec9df8a31acdc3a5fd57ec4e3b4999f07310e2fe0f2281ec3664ee8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b2ab6485c38a958c46e20b2e82b3ed706360cc7f5e225f572f9c8076cdafe1a9
b3df8b70eb65dbe548f6d30f514f50d4622070a4ac3e2474254f121428c64705
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
bdc8aa3110e648a5a2f5e54529755fb6d50758268746bde1f1354aed04cc8d06
bee66939a28b171f1be2c2a85e47385d01a1c36e35a1304314c2990ae797a323
cd429ca4b699add93c19c2731a22a489a5a5d6d1d01445d337f8c89c8ca6eb2f
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e545094ced520a47a23cb7c0e15c3e0b8d7d0dbf7edaec75f3342bb92c482893
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f21ce6d3c4d05c159ecf44188bfaeb4ff5eb1c5bf445d829df0d846c5fc8affc
f4bf396ffceceed2aea6e67844a22f5f95d2b595fcf1a4c7a792babdfec29ed6
feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37