en.firstgooal.com Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bangladeshembassy.bt/
Effective URL:
https://en.firstgooal.com/10191/tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022
Submission: On January 31 via api (January 31st 2023, 2:35:45 pm UTC) from FR — Scanned from FR

Summary HTTP 123 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 7 countries across 25 domains to perform 123 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is en.firstgooal.com.
TLS certificate: Issued by E1 on December 28th 2022. Valid for: 3 months.

This is the only time en.firstgooal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2405:d000:0:1... 2405:d000:0:100::216	18024 (BTTELECOM...) (BTTELECOM-AS-AP Bhutan Telecom Ltd)
1 1	190.115.26.9 190.115.26.9	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
3 6	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
13	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:805::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	142.251.208.163 142.251.208.163	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
14	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 8	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 2	72.251.249.9 72.251.249.9	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	2600:9000:245... 2600:9000:2450:200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2 2	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	95.131.136.1 95.131.136.1	47841 (OXALIDE) (OXALIDE)
1	192.229.220.129 192.229.220.129	15133 (EDGECAST) (EDGECAST)
123	24

1 2405:d000:0:100::216 (Bhutan)

ASN18024 (BTTELECOM-AS-AP Bhutan Telecom Ltd, BT)

bangladeshembassy.bt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 190.115.26.9 (Belize City, Belize) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)

lbz.bz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80d::2004 (Ireland) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

en.firstgooal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.208.163 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f3.1e100.net

p4-clmdxsyzdj7kq-q7ywpj7jtiucvnhm-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2450:200:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.93 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.131.136.1 (France) 1 redirects

ASN47841 (OXALIDE, FR)
PTR: front.netaffiliation.net

jpp.aircaraibes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vcb.happ-e.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.220.129 (United States)

ASN15133 (EDGECAST, US)

img.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	699 KB
27	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	151 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 27638 ad4m.at — Cisco Umbrella Rank: 9391 assets.ad4m.at — Cisco Umbrella Rank: 39464	500 KB
13	firstgooal.com en.firstgooal.com	89 KB
8	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	3 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com p4-clmdxsyzdj7kq-q7ywpj7jtiucvnhm-if-v6exp3-v4.metric.gstatic.com	68 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	241 KB
2	metaffiliation.com 1 redirects action.metaffiliation.com — Cisco Umbrella Rank: 115164 img.metaffiliation.com — Cisco Umbrella Rank: 62035	135 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 409	2 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 725	490 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 274	793 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 592	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 84938 static-de.ad4mat.net — Cisco Umbrella Rank: 113105	4 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	2 KB
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 25351	696 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
1	happ-e.fr vcb.happ-e.fr	2 KB
1	aircaraibes.com jpp.aircaraibes.com — Cisco Umbrella Rank: 847988	2 KB
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 782	410 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 685	443 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 556	538 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	607 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	43 KB
1	lbz.bz 1 redirects lbz.bz	383 B
1	bangladeshembassy.bt bangladeshembassy.bt	872 B
123	25

	Domain	Requested by
24	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net bangladeshembassy.bt
14	pagead2.googlesyndication.com	en.firstgooal.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	en.firstgooal.com	www.google.com en.firstgooal.com
8	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net en.firstgooal.com
6	assets.ad4m.at	as.ad4m.at
6	www.google.com	3 redirects bangladeshembassy.bt googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.gstatic.com	googleads.g.doubleclick.net
2	secure.adnxs.com	2 redirects
2	onetag-sys.com	1 redirects en.firstgooal.com
2	ups.analytics.yahoo.com	2 redirects
2	ap.lijit.com	2 redirects
2	p4-clmdxsyzdj7kq-q7ywpj7jtiucvnhm-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-clmdxsyzdj7kq-q7ywpj7jtiucvnhm-if-v6exp3-v4.metric.gstatic.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.fr	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	vcb.happ-e.fr	as.ad4m.at
1	img.metaffiliation.com	as.ad4m.at
1	action.metaffiliation.com	1 redirects
1	jpp.aircaraibes.com	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	ssbsync.smartadserver.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	prod-rtb.ad4mat.net	bangladeshembassy.bt
1	fonts.gstatic.com	fonts.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	en.firstgooal.com
1	lbz.bz	1 redirects
1	bangladeshembassy.bt
123	34

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.firstgooal.com E1	`2022-12-28` - `2023-03-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
jpp.aircaraibes.com Gandi Standard SSL CA 2	`2022-08-18` - `2023-09-02`	a year	crt.sh
vcb.happ-e.fr Gandi Standard SSL CA 2	`2022-02-08` - `2023-02-23`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://en.firstgooal.com/10191/tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022
Frame ID: C0F4253ADBE5123E8CA946940F4CA0FF
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html
Frame ID: A3DB9F44290A385FD77E5E05CF4D7C8D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&adk=1812271804&adf=3025194257&lmt=1675175740&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740236&bpp=11&bdt=300&idt=328&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5451336776532&frm=20&pv=2&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=358
Frame ID: 8916C8FC98D099B79A76BA0073EF96E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=640&slotname=9060055302&adk=1951229012&adf=3674521187&pi=t.ma~as.9060055302&w=320&lmt=1675175740&format=320x640&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740247&bpp=2&bdt=311&idt=355&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7v3udkcjRs&p=https%3A//en.firstgooal.com&dtd=361
Frame ID: 84B8F3A51CC4655B058AD88DBBC2D058
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740249&bpp=2&bdt=313&idt=363&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lht7brUw7u&p=https%3A//en.firstgooal.com&dtd=367
Frame ID: 15B222F75B6D12BC0ED834352096B69B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=155653510&adf=318908456&pi=t.ma~as.4169856551&w=708&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=708x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740252&bpp=1&bdt=316&idt=372&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=1991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=7JSr33CxIq&p=https%3A//en.firstgooal.com&dtd=376
Frame ID: 28401A87FC9B0699BD66D8CF877812C6
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740253&bpp=1&bdt=317&idt=379&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rfAofIGxAW&p=https%3A//en.firstgooal.com&dtd=382
Frame ID: 3D6B13957257F7E1E7CAF0A814147243
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=90&adk=786118409&adf=1588159632&pi=t.aa~a.2977023874~rp.4&w=1004&fwrn=4&fwrnh=100&lmt=1675175741&rafmt=1&to=qs&pwprc=3341669447&format=1004x90&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175741445&bpp=1&bdt=1509&idt=2&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d46747ecf8cf951-22134af07bdb009d%3AT%3D1675175740%3ART%3D1675175740%3AS%3DALNI_MZrbk9EArXXWI3FC4ZNFW_I00xp5w&gpic=UID%3D00000bad29b0f860%3AT%3D1675175740%3ART%3D1675175740%3AS%3DALNI_Mb7EBI2FrfZiLU1zqn7BV7D5v_fXg&prev_fmts=0x0%2C320x640%2C748x280%2C708x280%2C1004x280&nras=2&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=nXmgx21Dmq&p=https%3A//en.firstgooal.com&dtd=14
Frame ID: CDC0401F76AB27771621D32B6935801E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 84A67DD1A4E82D4EC7E5FBB9236BF698
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1
Frame ID: D681F61918E261537BB3FE1C1BA8A63B
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Eaz0IHujFkGwgw1wSqWcFoa2qhkXFFq07gGSCwbjNLA.js
Frame ID: FF045F2FE84DD892C3C8824740655CB1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 699F82E1D0698258FBFA109697C1E44C
Requests: 2 HTTP requests in this frame

Frame: https://p4-clmdxsyzdj7kq-q7ywpj7jtiucvnhm-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 0CF5FF43A1085FF39FEA0F7B7810C001
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CooacPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEhwJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtCiW5ltNfsSSu_R8IY45cyljZGz-fdU5pCvcIOWYzk_hQLwnX3ApoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MTE5MDIwNzA3ODI0NDI3GAA&sigh=YGpatSBc0BE&uach_m=[UACH]&cid=CAQSOwDUE5ym85auZvbfV5mi6OsJ_pb0qbYuqsjtK2XyYLiR9r_V9AEA3lQwv-oXVmIRhceuZ0WCttqY5spDGAEgEw
Frame ID: 9C0AFAA0CF68939D7CF0D6A2FF888F9D
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1het4fk97sg1rwwhqt4qrkfxky9kw72t7d4kv66cxtemsbrmhmdpdt8hea2e4dfbd2qcyvc5cd30421yd66xfa9399ygrckr776nqwe2ejp8asch0tatf07dhjbry59ekdvyz7vpcpfzwmfqnth7rtjwf9xfctcxmj1k28xczzx5fdxtba4qmsb8ar14adx1xdmfdsfxfd235qsg0tj4sj9kjemabxwkws1m9wcjt03ac9zpz63xsxmsv7ey573nstsypdz4ewx322fvbvawx9xt852tbj8q8rvmbypqc8vzwg9358byqbez1v6r2pkrqttnjf76bpzxxfmh8s550d3x43613mmzezf4zy8wnq8khkjv0582macgyxzasezpq3ggv18stnbexrdn9p5vfj9wq7sv1zs51zwp3qaq5v3s5nh9sfy3r48&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%26client%3Dca-pub-5119020707824427%26adurl%3D
Frame ID: 3E38486AA4D9FD2CCEC0077A596FD5DE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E7A8E3038F113CEB1E6037866B959302
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A9F9B39484BD36C43968F11046D90ABB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Eaz0IHujFkGwgw1wSqWcFoa2qhkXFFq07gGSCwbjNLA.js
Frame ID: F48B6D2158454FFE7949078DE15E01C9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Eaz0IHujFkGwgw1wSqWcFoa2qhkXFFq07gGSCwbjNLA.js
Frame ID: 3EF26E27439D09EFB596CFB18CD17FD2
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 7E0239DA9253A65AA95087F36761DAAF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Eaz0IHujFkGwgw1wSqWcFoa2qhkXFFq07gGSCwbjNLA.js
Frame ID: 04084CEB13508767998BBA883971B5B1
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C23302&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2C8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ&c=728&d=90&e=&g=715530e13f5ec94b376f1e19ea1d3bae%2F9175891953126779386&i=30425%2C2951%2C27349&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1675175742707&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g33bn2dbk9x4kaaz9pry4sz06678r1sy764mfeaf0ayh9vex213sne2rb5nncw5j4t4558ggfb3vrkx6efatyak5xf9ymme4908vnbsthpgeqqbs66ng5b1hfqptf19dhrderzf64fgpp284j1ptrbwx4g67rbytj5yc6y05gwnb33kp2hn94srmd1yb9s6n9fmfhjg6hjxbep2e4nse92ev8cg4g4mgphcd6pg383nn25r0jkwb4vwxwcmrbg440jjc68b42f03mzcwegg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Frame ID: 2361DBA1C2D915B8B03CC8B8244F6C3B
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 66A2D8EF5FDB512D4DADDF1890518864
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 926AB3F735977ABD3CD93347DC89C119
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tesla holds its own bitcoins during the fourth quarter of 2022 - Firstgooal Q&A

Page URL History Show full URLs

http://bangladeshembassy.bt/ Page URL
https://lbz.bz/cro0r5 HTTP 302
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwiG4ruhhu38AhVRVaQEHazKAbk... Page URL
https://en.firstgooal.com/10191/tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022 Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

123
Requests

93 %
HTTPS

63 %
IPv6

25
Domains

34
Subdomains

24
IPs

7
Countries

1960 kB
Transfer

3976 kB
Size

31
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bangladeshembassy.bt/ Page URL
https://lbz.bz/cro0r5 HTTP 302
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwiG4ruhhu38AhVRVaQEHazKAbk4ChAWegQICxAB&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&usg=AOvVaw2T-o46YouseJsHTo8A5lAH Page URL
https://en.firstgooal.com/10191/tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://lbz.bz/cro0r5 HTTP 302
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwiG4ruhhu38AhVRVaQEHazKAbk4ChAWegQICxAB&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&usg=AOvVaw2T-o46YouseJsHTo8A5lAH

Request Chain 71

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 90

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELmHFX659jHyYJuq8eRbAUk&google_cver=1&google_push=Aa02lx8XJML38dbyF156D4cEa7v_LZUGeoCANXVeZHJaKwKGSVi6BkhrNu1Z9Dbk81naI5YwKI6m2R2QJ6JBxIN98tZDVJw0Ts3rog HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELmHFX659jHyYJuq8eRbAUk&google_push=Aa02lx8XJML38dbyF156D4cEa7v_LZUGeoCANXVeZHJaKwKGSVi6BkhrNu1Z9Dbk81naI5YwKI6m2R2QJ6JBxIN98tZDVJw0Ts3rog

Request Chain 91

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEfEti47GjWXanEgMFzQAPM&google_cver=1&google_push=Aa02lx98of3nPFDxBCPXOH9y2GWBkLEL6pRodlsuuFhqatTKh1Lqm0Y821uyAA_9ymFTTqKCo19YuYcrtWCgrOKgZBo-0U2YOyEDQw HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEfEti47GjWXanEgMFzQAPM&google_cver=1&google_push=Aa02lx98of3nPFDxBCPXOH9y2GWBkLEL6pRodlsuuFhqatTKh1Lqm0Y821uyAA_9ymFTTqKCo19YuYcrtWCgrOKgZBo-0U2YOyEDQw&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx98of3nPFDxBCPXOH9y2GWBkLEL6pRodlsuuFhqatTKh1Lqm0Y821uyAA_9ymFTTqKCo19YuYcrtWCgrOKgZBo-0U2YOyEDQw&google_hm=GFCrrGZHlxeNynubReSHKUkp

Request Chain 92

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJ7M_LeUeVL9m58usa4aCLE&google_cver=1&google_push=Aa02lx8M-8omAupefqRQao-f0Ber_BDowJIGvTK7pIE3EBocSFqYBx3xMjLFiJcx5_ATTCZHSkOnS84tgQZRdmdKBYyaCL1T0AHB6g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8M-8omAupefqRQao-f0Ber_BDowJIGvTK7pIE3EBocSFqYBx3xMjLFiJcx5_ATTCZHSkOnS84tgQZRdmdKBYyaCL1T0AHB6g

Request Chain 93

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIFuqimvAbGbgJ3RwiG5ggU&google_cver=1&google_push=Aa02lx-7DxJ6D6IcgPZ5QY9XEYMuVJuvg0ocIZXb8Ta3gc6cXAKz1bzhCQWQFiiMAZ0p1OX29znhSx_pFPYMfcA9gx7hBbXh8haRVw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=Aa02lx-7DxJ6D6IcgPZ5QY9XEYMuVJuvg0ocIZXb8Ta3gc6cXAKz1bzhCQWQFiiMAZ0p1OX29znhSx_pFPYMfcA9gx7hBbXh8haRVw&google_hm=ODE2Mjg0MTcyMTY1MTE0NTcwOA%3D%3D

Request Chain 94

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIG7m1nmOOLKunssNiHtQ7A&google_cver=1&google_push=Aa02lx9appA171aRGUg7_lkXZWv1e3kGpG7_dDvlthInUrQnmb8ErgtFQeaLg6jvPNJ-d2y64npW9Is5PF9bf1F1aJMQdphup0k33qg HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIG7m1nmOOLKunssNiHtQ7A&google_cver=1&google_push=Aa02lx9appA171aRGUg7_lkXZWv1e3kGpG7_dDvlthInUrQnmb8ErgtFQeaLg6jvPNJ-d2y64npW9Is5PF9bf1F1aJMQdphup0k33qg&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xSHhUYUFORTJ1RnZrZGJCUUNYTVdna0w0LkhCYVBlcH5B&google_push=Aa02lx9appA171aRGUg7_lkXZWv1e3kGpG7_dDvlthInUrQnmb8ErgtFQeaLg6jvPNJ-d2y64npW9Is5PF9bf1F1aJMQdphup0k33qg

Request Chain 95

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKkeTdUdNLX4S44U68oIaKc&google_cver=1&google_push=Aa02lx892jqUq77xfHVKDlGLuypdwunhXAjlOZPHk6SzpWPIAfm7GyqjACqqnRKezAWomd4Wr1y4EzGJeW3tnkmiuUagtV1_nygTv7M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx892jqUq77xfHVKDlGLuypdwunhXAjlOZPHk6SzpWPIAfm7GyqjACqqnRKezAWomd4Wr1y4EzGJeW3tnkmiuUagtV1_nygTv7M HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 96

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENL3q7FkoZloU6UlcbgooE8&google_cver=1&google_push=Aa02lx_gFuU_1MaS7vgue71OFx5ML4BTy8mPNLBOrAWOqPwO1IjbrvAlCz1o5n5o2dnzp7jfDlH9NOcwGGFkXpdqIBP6bkNfET6LznA HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENL3q7FkoZloU6UlcbgooE8%26google_cver%3D1%26google_push%3DAa02lx_gFuU_1MaS7vgue71OFx5ML4BTy8mPNLBOrAWOqPwO1IjbrvAlCz1o5n5o2dnzp7jfDlH9NOcwGGFkXpdqIBP6bkNfET6LznA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mjk2MzAzNTExNTg0Mjg0MTg2Mg%3D%3D&google_gid=CAESENL3q7FkoZloU6UlcbgooE8&google_cver=1&google_push=Aa02lx_gFuU_1MaS7vgue71OFx5ML4BTy8mPNLBOrAWOqPwO1IjbrvAlCz1o5n5o2dnzp7jfDlH9NOcwGGFkXpdqIBP6bkNfET6LznA

Request Chain 100

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 101

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

123 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
bangladeshembassy.bt/ 664 B
872 B 1495ms
620ms Document
text/html 2405:d000:0:100::216
BTTELECOM-AS-AP B...

General

Check archive.org

Show headers Download Go to

Full URL: http://bangladeshembassy.bt/
Protocol: HTTP/1.1
Server: 2405:d000:0:100::216 , Bhutan, ASN18024 (BTTELECOM-AS-AP Bhutan Telecom Ltd, BT),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 31 Jan 2023 14:35:39 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H2

200

url
www.google.com/
Redirect Chain

https://lbz.bz/cro0r5
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwiG4ruhhu38AhVRVaQEHazKAbk4ChAWegQICxAB&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-th...

1 KB
2 KB

198ms
97ms

Document
text/html

2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwiG4ruhhu38AhVRVaQEHazKAbk4ChAWegQICxAB&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&usg=AOvVaw2T-o46YouseJsHTo8A5lAH

Requested by

Host: bangladeshembassy.bt
URL: http://bangladeshembassy.bt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: http://bangladeshembassy.bt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 603
content-type: text/html; charset=UTF-8
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
date: Tue, 31 Jan 2023 14:35:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
origin-trial: AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
pragma: no-cache
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

Redirect headers

content-length: 0
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Tue, 31 Jan 2023 14:35:39 GMT
location: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwiG4ruhhu38AhVRVaQEHazKAbk4ChAWegQICxAB&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&usg=AOvVaw2T-o46YouseJsHTo8A5lAH
server: ddos-guard

GET
H2 200 Primary Request tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022 Show response
en.firstgooal.com/10191/ 30 KB
6 KB 435ms
370ms Document
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.firstgooal.com/10191/tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwiG4ruhhu38AhVRVaQEHazKAbk4ChAWegQICxAB&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&usg=AOvVaw2T-o46YouseJsHTo8A5lAH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f63156da31a7fee260b5f31fd30da3b436bb5cbeeef69575f8da5a0e027ed4fb

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79232cd44fd72a33-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 14:35:39 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zy%2FQFFzLci9bH1s8lpbx4T58257vQuqzM7DTiDwwdnZrWgGbGxYXR8OWqDkB47rn113QPwgINFAFeMOh1U94GviDNCOCm8hKSRF627UrFcUT6dgxxJB1EqlgoOtzlGn4Rj6lT40mG5QZQhhk0YaW%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 qa-styles.css
en.firstgooal.com/qa-theme/SnowFlat/ 70 KB
13 KB 32ms
30ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/10191/tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/10191/tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4569
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqAYrH0DdAV1dY8gORH94kUmcmbLiXT2DwQZ1h9I7Wgob8CUyU%2B4WWacGwBrxqxCqTr0oUtrJL2zq5ysq4kZ5%2FBGz9t%2FXINJh0ZLn0AWb6sRLEZ24Lps9zNDk5gn1tfgQVpgxv9XQTqWrpgQKdwAvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79232cd6ac422a33-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.5.1.min.js Show response
en.firstgooal.com/qa-content/ 87 KB
31 KB 40ms
38ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.firstgooal.com/qa-content/jquery-3.5.1.min.js
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/10191/tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/10191/tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 662
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FyfmTnoOhbcZiNEGaLz8ntfOwDuZlA7DOUocElxNH2azl%2F884Uz4At8OFSfbKE8OwQH2Wfcc5IsG6j1MYigMQVH2cODF%2BDclDeYTldnrCIeR9OtQLLsGc3KBpB8%2B0U5QoqUA6fhXTXcj0HWjHWMag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79232cd6ac432a33-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 qa-global.js Show response
en.firstgooal.com/qa-content/ 20 KB
5 KB 29ms
28ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.firstgooal.com/qa-content/qa-global.js?1.8.6
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/10191/tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/10191/tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 661
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcu2zy09MymRC8nFkqqS67FOxbpQwdZLgV1omNGxEmi4JQrx9NSgsneUXvuC0A%2FYisK3B%2BB4k00Kb%2BlYWqGwe%2BCNPc1%2BeFhw2SYiOL57MJfoYDwoCBtZNcK5OnVw%2F118%2F0BTtFWNy%2BABfhL7vyenOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79232cd6ac462a33-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 snow-core.js Show response
en.firstgooal.com/qa-theme/SnowFlat/js/ 2 KB
1 KB 34ms
33ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/10191/tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/10191/tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 661
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfrzQ3HLMpXCTmpZBN5Kk8CqqRtSe69XMgJvDWIHsU1ZGLhuWNUmETDlxudfXsyL7cIwDX9xvafmyZ3hFxwUYOwXwsNCNxRP%2BKkL%2BV2JXFfX3CC1RqQDgI47rWPCFNOoQoPvHcr7MQrBMHoPtXyEGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79232cd6ac482a33-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 196ms
102ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5119020707824427

Requested by

Host: en.firstgooal.com
URL: https://en.firstgooal.com/10191/tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7c30be38256439548eeecbc369974703ebad100774e574e5c9a304c7fed2fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Origin: https://en.firstgooal.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50259
x-xss-protection: 0
server: cafe
etag: 10291059316261800338
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Jan 2023 14:35:40 GMT

GET
H3 200 vote-buttons-3.png
en.firstgooal.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 34ms
33ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:40 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 911
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPLkhleEBRHKgklZl5DlkdoaLU9bdJrDVnCCMqiRwiAomRwkc1LSBY6wy1p9PUeCgK73pZof1uzRQV3fsCMb9P54vsvBFYM69SwZWdwScfHwHcmnnuvqWHR7gq2Qod2mbFafBCijOihUYgU6B%2FXlWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79232cd75cc9d63e-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1457

GET
H3 200 answer-white.png
en.firstgooal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 28ms
27ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:40 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2941
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvKSIedvUVYdueT1gyn%2FbvGTgL5gFSjkoTwKux5M6ZmYif%2Fs7QlXn0iCJkaIJMXEyNXl%2FwIBcnEuX0q26Xpw9prf4GbDlbi69l3YNVLct2x823klNTc14BKg9WhvYczmF%2BRy4B8C41A0lN0QOnZaUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79232cd75ccdd63e-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2867

GET
H3 200 fontello.woff
en.firstgooal.com/qa-theme/SnowFlat/fonts/ 7 KB
8 KB 32ms
32ms Font
font/woff 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin: https://en.firstgooal.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:40 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 911
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHWqMd5LmdcF%2BuKk675lCaQzbWSv2GMiC%2BNWwdT9liPreyGW08aQVatmYH0Fz%2FKhLyBHOd2Cgh5Ne4Vk15m5c0twNMeED32tADZtdWS1ARAG%2F4kJteoN6HiUv2FwJF9Mcxg3U0oze2m6Th3TC2VuMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79232cd75ccfd63e-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7200

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 104ms
39ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-62733008-15

Requested by

Host: en.firstgooal.com
URL: https://en.firstgooal.com/10191/tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16f47ed4e5c161683f95ff76d8fd7a498b099b0059534f141cadef3c08938baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44016
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Jan 2023 14:35:40 GMT

GET
H3 200 answer-select.png
en.firstgooal.com/qa-theme/SnowFlat/images/ 2 KB
2 KB 31ms
27ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/images/answer-select.png
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:40 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2941
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLK%2BvQuECSrPGUyjKcXa9sCG0M1koTOEPP9%2Fm3sl8PTRxe729ztIRwa6Z2tnTuraJ1IggS20CLQDFipFaNeCDudXMheHihtCqWhnfQmPzcl8kusN1BvxUXxV3VWORZp418nQkGKEtHlVtXNwV6aW2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79232cd78d1bd63e-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1831

GET
H3 200 link-white.png
en.firstgooal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 50ms
46ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/images/icons/link-white.png
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:40 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2941
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BbxVV3BFOnC3ADiLx%2BWYYXx%2FUYKeC2I%2FNyHYgj2AtPZP6YdmcTz6Y4yL1wqLKSbCwSe%2BygHnmQ%2F6kSMtpMpSQyEeCaDFT5swC0Duqpn4Kv2MZxRQMQA6MAW%2BsJ%2BcxNX5cCTuWkGFGrH1pxO3siNPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79232cd78d20d63e-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3026

GET
H3 200 comment-white.png
en.firstgooal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 37ms
32ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/images/icons/comment-white.png
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:40 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 911
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5uScHR9sjEhuFRdypx%2Bsq79J1clLddSNoW7xxsuemBGbcd6zskFEJsU4igsj1BgGzHk%2Bn79EIGppMiHmqdedCjhvoqM9%2Bj2fxPQcVAsGlUNArkqQOI%2FTCxKOxbx7%2BuvARWnXzoIoUxLcBYt%2FaSUeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79232cd78d22d63e-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2906

GET
H3 200 search-icon-white.png
en.firstgooal.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 34ms
29ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:40 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 911
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMpMPivug3MCV9NeYheOK741%2BC%2FXt8VRt50qWYPQsDnFVwm58%2FkMLwBCXMXrFr0shmc6EG2sniD8JxdaZDxfWuicYDUEomB6ntD2MgpTiWtvZPY8JSpj2sApyEcBARvo%2BwtPMGC3wCC%2BOkL8OOwhKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79232cd78d25d63e-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1412

GET
H3 200 spinner-icon-14x14.gif
en.firstgooal.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 37ms
33ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:40 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2941
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFyihgf0SFZij%2BZG%2FtWuNriV7wfdnevPMJIEI7kUB09Y20JPGg%2FUARLTJUbnfyQZ%2BIIvnfsF4gmJfU%2B5D0bUDraYFRhRebnBmdGLs0Qkmg%2BHLFQMoA5WlJS62rmJzF2gPtBbPFgnL4P2WiV7Y0%2BNOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79232cd78d29d63e-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7781

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/ 361 KB
118 KB 166ms
111ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5119020707824427&plah=en.firstgooal.com&bust=31071855

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5119020707824427

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df6ee020b739af6892dae132eee5ae4468ed717106b8401ca6d6d00a301d85a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121184
x-xss-protection: 0
server: cafe
etag: 10834659672211938440
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 31 Jan 2023 14:35:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/ Frame A3DB 10 KB
5 KB 156ms
39ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5119020707824427

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 85486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:50:54 GMT
etag: 10353107486223812946
expires: Mon, 13 Feb 2023 14:50:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 147ms
39ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62733008-15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 14:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 836
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 31 Jan 2023 16:21:44 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 64ms
63ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1901235164&t=pageview&_s=1&dl=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Tesla%20holds%20its%20own%20bitcoins%20during%20the%20fourth%20quarter%20of%202022%20-%20Firstgooal%20Q%26A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=257657705&gjid=1035518087&cid=1531602515.1675175741&tid=UA-62733008-15&_gid=1146544380.1675175741&_r=1&_slc=1&gtm=2ou1p0&z=207174442

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://en.firstgooal.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:35:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://en.firstgooal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
607 B 175ms
61ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=en.firstgooal.com&callback=_gfp_s_&client=ca-pub-5119020707824427

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5119020707824427&plah=en.firstgooal.com&bust=31071855

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0ec0fc8819adafe512fc2b23e18e7e4b45d8983bdf32bcd95e1a578f0108a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
531 B 113ms
36ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=en.firstgooal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 100ms
36ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=en.firstgooal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8916 116 KB
37 KB 429ms
427ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&adk=1812271804&adf=3025194257&lmt=1675175740&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740236&bpp=11&bdt=300&idt=328&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5451336776532&frm=20&pv=2&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=358

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

828ef4e9fb71fa7857435101225e145e59fbb3c55f2bf1b0fd87254e926fae08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37836
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:35:40 GMT
expires: Tue, 31 Jan 2023 14:35:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 84B8 430 B
406 B 236ms
235ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=640&slotname=9060055302&adk=1951229012&adf=3674521187&pi=t.ma~as.9060055302&w=320&lmt=1675175740&format=320x640&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740247&bpp=2&bdt=311&idt=355&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7v3udkcjRs&p=https%3A//en.firstgooal.com&dtd=361

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95a30069224b8e6788bb5e1671ae65eabe4693d9f9613dab4a60235f54cf3435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:35:40 GMT
expires: Tue, 31 Jan 2023 14:35:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 15B2 72 KB
29 KB 955ms
955ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740249&bpp=2&bdt=313&idt=363&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lht7brUw7u&p=https%3A//en.firstgooal.com&dtd=367

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fd51607559ac82e66145961ac8f9bbfc15ae856e08738361ad03ca485aa863c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29515
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:35:41 GMT
expires: Tue, 31 Jan 2023 14:35:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2840 71 KB
29 KB 379ms
379ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=155653510&adf=318908456&pi=t.ma~as.4169856551&w=708&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=708x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740252&bpp=1&bdt=316&idt=372&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=1991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=7JSr33CxIq&p=https%3A//en.firstgooal.com&dtd=376

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbe00df6dfadfde1c57a89711af77f5b5664faa226eef59ef81de7d5f4c66acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29335
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:35:40 GMT
expires: Tue, 31 Jan 2023 14:35:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3D6B 97 KB
33 KB 437ms
436ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740253&bpp=1&bdt=317&idt=379&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rfAofIGxAW&p=https%3A//en.firstgooal.com&dtd=382

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c54c7436a7bd1954feb6fb5d37a8f823bf121b6d83602b7df636037677a2ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33517
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:35:41 GMT
expires: Tue, 31 Jan 2023 14:35:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14430922527448735525
tpc.googlesyndication.com/daca_images/simgad/ Frame 2840 137 KB
137 KB 147ms
74ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14430922527448735525

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=155653510&adf=318908456&pi=t.ma~as.4169856551&w=708&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=708x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740252&bpp=1&bdt=316&idt=372&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=1991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=7JSr33CxIq&p=https%3A//en.firstgooal.com&dtd=376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b82e9bfa9737667956a8f677f722f6da5f8c69ec3677bc4bef06994dd6a7160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:35:38 GMT
x-content-type-options: nosniff
age: 28803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140024
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 01:17:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 31 Jan 2024 06:35:38 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame 2840 22 KB
9 KB 121ms
48ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57756
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:33:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 2840 3 KB
1 KB 110ms
65ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 12:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 12:56:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 2840 18 KB
7 KB 109ms
64ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2840 157 KB
48 KB 140ms
76ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 14:35:41 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 2840 33 KB
13 KB 111ms
66ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b511b5104524c0b25f553fbaa7c6d92564f0770a222d9ad642bffa36aa3920d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 23:51:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13488
x-xss-protection: 0
server: cafe
etag: 7956080266137140730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 23:51:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3D6B 8 KB
1 KB 107ms
39ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740253&bpp=1&bdt=317&idt=379&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rfAofIGxAW&p=https%3A//en.firstgooal.com&dtd=382

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 14:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 12:42:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 14:35:41 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 3D6B 2 KB
846 B 178ms
127ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740253&bpp=1&bdt=317&idt=379&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rfAofIGxAW&p=https%3A//en.firstgooal.com&dtd=382

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 21:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 21:06:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame 3D6B 22 KB
9 KB 82ms
31ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740253&bpp=1&bdt=317&idt=379&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rfAofIGxAW&p=https%3A//en.firstgooal.com&dtd=382

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57756
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:33:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 3D6B 3 KB
1 KB 91ms
66ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740253&bpp=1&bdt=317&idt=379&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rfAofIGxAW&p=https%3A//en.firstgooal.com&dtd=382

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 12:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 12:56:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 3D6B 18 KB
7 KB 97ms
46ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740253&bpp=1&bdt=317&idt=379&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rfAofIGxAW&p=https%3A//en.firstgooal.com&dtd=382

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D6B 157 KB
49 KB 144ms
74ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740253&bpp=1&bdt=317&idt=379&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rfAofIGxAW&p=https%3A//en.firstgooal.com&dtd=382

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 14:35:41 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 3D6B 33 KB
14 KB 154ms
45ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740253&bpp=1&bdt=317&idt=379&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rfAofIGxAW&p=https%3A//en.firstgooal.com&dtd=382

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 May 2023 14:27:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2840 0
0 94ms
93ms Fetch
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClQ-oPCfZY8qfKbiPiM0PvquggA3r4bjdbvm9quDfEAoQASDOyOyOAWD7AaAB7LPywAHIAQKoAwHIA8kEqgSOAk_QIihs9hMt1sZRbLyJyejMjK2yHc7CPkMkQBmki8JVc9gAXb_Ok9OxmbwpKjP0iB8VLEPuKsyQQ8jvBZSVMAdrTSC-ECy1gADY3Mbj8EYLRmXWhnroVNHL310SogAkUBX9ycMqimUf6epQwvRfc0AInSHncaahEG556vZ_WuHhyNJ904FLxiWUjJPzJUnxPmIy05jcQuxYsDN6CGl-IbWpNdBJQAwoVV_VGydfKrq_ZubuwB4BZcZhOQsGtxHyXHs1Ip6K3ZgLBbSBVeiewTr-NvRkG4utNygDY4ZugcgcNWICJaq_F51WpaK7Qi38WhaKA_PeQ3xMxy42u9vME3ZMpDpXXEtzOz7_LkER_MAEnqi-_aEEkgUECAQYAZIFBAgFGASgBgKAB_zLjb8CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQ-z7SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01MTE5MDIwNzA3ODI0NDI3GAA&sigh=jRCk3wyLZNM&uach_m=[UACH]&cid=CAQSGwDUE5ymRHVdhFpr0vaY5OoWT1vYhWVdMkkQRhgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=155653510&adf=318908456&pi=t.ma~as.4169856551&w=708&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=708x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740252&bpp=1&bdt=316&idt=372&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=1991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=7JSr33CxIq&p=https%3A//en.firstgooal.com&dtd=376
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Jan 2023 14:35:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Jan 2023 14:35:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3D6B 0
0 98ms
97ms Fetch
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFYqYPCfZY9b3KZDHYfKDtYgMmIOY3m6H7PSK_xCMnYTE_g4QASDOyOyOAWD7AaABpZGWpCjIAQmpAr_Yab8VNLI-qAMByAPLBKoElAJP0GTs7H4FBqIkTxAL1uQz5pEEj2wJxDH-yT9ctczrJEASoNc2pXEM3xi9KAJyoQ0sithsrs7u-26knLC9LqaYr6lCyA0DdxYUvycj21WWh9WRe8pvSRWm9U7HOyX3XXqWn6MXIN8V456-RzfY72Cm_9_Cr5v85w2Hs9XfvswG_jpvA_tcJCIRZ9yjf0VwGQ2RVje3GwVly0FaJd2mzQajFgYtqK6Y_QK7WvunXuD1ekPKWFoVqeNYlruW6044HgJ0sCX5bsqvodhtUBzaFpoZOelQKFPY8soiszWqaa6FLgr9CgGcM0_dIzfPV7DKfLR3xT8ODA9YIbn_w6Dha9HaeXBjfYW25zawxObzUN2UMmS3sK_ABICriYWmBJIFBAgEGAGSBQQIBRgEoAYugAelyeaDA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEK9P0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNTExOTAyMDcwNzgyNDQyNxgA&sigh=TI8CnL9WrXI&uach_m=[UACH]&cid=CAQSGwDUE5ymqWZlGhpGXOnPcsk65W_gG00Sprt54RgBIBM&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740253&bpp=1&bdt=317&idt=379&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rfAofIGxAW&p=https%3A//en.firstgooal.com&dtd=382

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740253&bpp=1&bdt=317&idt=379&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rfAofIGxAW&p=https%3A//en.firstgooal.com&dtd=382
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Jan 2023 14:35:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Jan 2023 14:35:41 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/ 150 KB
51 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/reactive_library_fy2021.js?bust=31071855

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

843626bc444a5588db3e641d80d1b695d0118249dc54465c7205a07424e9eb66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52193
x-xss-protection: 0
server: cafe
etag: 8016693981750806827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Jan 2023 14:35:41 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2104569198567030324/ Frame 3D6B 278 B
395 B 113ms
112ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2104569198567030324/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740253&bpp=1&bdt=317&idt=379&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rfAofIGxAW&p=https%3A//en.firstgooal.com&dtd=382

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e60b0a1061d7f8051191eb39654f1b849f5fb028b5aa5506680e4d489e10a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 10:20:54 GMT
x-content-type-options: nosniff
age: 274487
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 23:00:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jan 2024 10:20:54 GMT

GET
DATA 200
OK truncated
/ Frame 3D6B 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3D6B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
165 B 45ms
39ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=en.firstgooal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 56ms
51ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=en.firstgooal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CDC0 31 KB
12 KB 350ms
349ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=90&adk=786118409&adf=1588159632&pi=t.aa~a.2977023874~rp.4&w=1004&fwrn=4&fwrnh=100&lmt=1675175741&rafmt=1&to=qs&pwprc=3341669447&format=1004x90&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175741445&bpp=1&bdt=1509&idt=2&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d46747ecf8cf951-22134af07bdb009d%3AT%3D1675175740%3ART%3D1675175740%3AS%3DALNI_MZrbk9EArXXWI3FC4ZNFW_I00xp5w&gpic=UID%3D00000bad29b0f860%3AT%3D1675175740%3ART%3D1675175740%3AS%3DALNI_Mb7EBI2FrfZiLU1zqn7BV7D5v_fXg&prev_fmts=0x0%2C320x640%2C748x280%2C708x280%2C1004x280&nras=2&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=nXmgx21Dmq&p=https%3A//en.firstgooal.com&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9eea40226a494a2f448aec63716bd18b1c9c8a6917df37822dfee61833a87199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12528
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:35:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 84A6 143 B
166 B 56ms
56ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=155653510&adf=318908456&pi=t.ma~as.4169856551&w=708&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=708x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740252&bpp=1&bdt=316&idt=372&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=1991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=7JSr33CxIq&p=https%3A//en.firstgooal.com&dtd=376
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:32:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2840 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0ae2d442cc484998ab9e18a8eb9876df598ba78a829546799e11654b061da51

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3D6B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4d13857543580c63a93bbf2571fc7fe70ec78a0477638db688fc46eef7bdc0d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/ Frame D681 10 KB
4 KB 46ms
46ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 70899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 18:54:02 GMT
etag: 10353107486223812946
expires: Mon, 13 Feb 2023 18:54:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 11811698261385954978
tpc.googlesyndication.com/daca_images/simgad/ Frame 15B2 144 KB
144 KB 31ms
30ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/11811698261385954978

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740249&bpp=2&bdt=313&idt=363&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lht7brUw7u&p=https%3A//en.firstgooal.com&dtd=367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48d3c7f81942ca87ef72738e4bfb4865cbc3240fef90e4559bdbe6f26639dac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 15:43:13 GMT
x-content-type-options: nosniff
age: 341548
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147070
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 19:09:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jan 2024 15:43:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame 15B2 22 KB
9 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740249&bpp=2&bdt=313&idt=363&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lht7brUw7u&p=https%3A//en.firstgooal.com&dtd=367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57756
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:33:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 15B2 3 KB
1 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740249&bpp=2&bdt=313&idt=363&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lht7brUw7u&p=https%3A//en.firstgooal.com&dtd=367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 12:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 12:56:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 15B2 18 KB
7 KB 45ms
42ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740249&bpp=2&bdt=313&idt=363&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lht7brUw7u&p=https%3A//en.firstgooal.com&dtd=367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 15B2 157 KB
48 KB 70ms
67ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740249&bpp=2&bdt=313&idt=363&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lht7brUw7u&p=https%3A//en.firstgooal.com&dtd=367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 14:35:41 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 15B2 33 KB
13 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740249&bpp=2&bdt=313&idt=363&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lht7brUw7u&p=https%3A//en.firstgooal.com&dtd=367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b511b5104524c0b25f553fbaa7c6d92564f0770a222d9ad642bffa36aa3920d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 23:51:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13488
x-xss-protection: 0
server: cafe
etag: 7956080266137140730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 23:51:22 GMT

GET
H2 200 8229fa5a5c3ebd24f3e2eb95db7eba72.js Show response
www.gstatic.com/mysidia/ Frame D681 9 KB
4 KB 46ms
43ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4209
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 28 Apr 2023 22:49:54 GMT

GET
H2 200 9e5698c686bc55900eb7505b234da968.js Show response
www.gstatic.com/mysidia/ Frame D681 10 KB
4 KB 47ms
45ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9e5698c686bc55900eb7505b234da968.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98a03cded6a2bd3976ad215e9f51af528f6be61edf3666ea4656e35a87f13687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 07:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4467
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 07:54:16 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D681 8 KB
968 B 42ms
39ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 14:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 12:37:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 14:35:41 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame D681 2 KB
799 B 33ms
31ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 21:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 21:06:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame D681 22 KB
9 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57756
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:33:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame D681 3 KB
1 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 12:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 12:56:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame D681 18 KB
7 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D681 157 KB
48 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 14:35:41 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame D681 33 KB
14 KB 70ms
68ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 May 2023 14:27:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 15B2 0
0 132ms
130ms Fetch
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYRjXPCfZY83DKKGZ7AP837HQBevhuN1uscGq4N8QChABIM7I7I4BYPsBoAHss_LAAcgBAqgDAcgDyQSqBJQCT9DIrMRQePJS690g-6z3FprjJN2nSsC7BFFWPrZ70r_A3kfpgfulEskXcFCNQFt8zTiVPR-sMS4IPkV5D8zFNA5rkkItlub4SRyazuza_ENogAeMFU6rjELySJZVEeZhfdixJEUrjZj5UNhon8jkrg1Lsnu2jfSmY6lnURcAGY_w6Dqo5NvXF27t7g8COAjcr1kjv6zcIWnNHXDl8ZofSBdu0y6bn5z_o4GwKaf2SJANrxyYgj2gt96D1JiNLjF9ttxTZfYM3Gkl3AX8ZyB_8ukxERluXDUy3ly7fvHQ_vrnTLYtbpIqpClxSsEVZe-NWRQuP4Wpt_sYx3Hsw9x7FcbY0PNh7GZ-TXg_HIOyoLuXy9tJwASeqL79oQSSBQQIBBgBkgUECAUYBKAGAoAH_MuNvwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCfqQHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01MTE5MDIwNzA3ODI0NDI3GAA&sigh=MtiAylLiWyI&uach_m=[UACH]&cid=CAQSGwDUE5ymcAGLzG62SON68kGtKu9CasyQqpLBlxgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740249&bpp=2&bdt=313&idt=363&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lht7brUw7u&p=https%3A//en.firstgooal.com&dtd=367

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740249&bpp=2&bdt=313&idt=363&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lht7brUw7u&p=https%3A//en.firstgooal.com&dtd=367
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Jan 2023 14:35:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 3D6B 28 KB
28 KB 152ms
32ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 21:35:41 GMT
x-content-type-options: nosniff
age: 406800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 21:35:41 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 84A6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

67ms
64ms

Document
text/html

2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:35:41 GMT
expires: Tue, 31 Jan 2023 14:35:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:35:41 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Eaz0IHujFkGwgw1wSqWcFoa2qhkXFFq07gGSCwbjNLA.js Show response
pagead2.googlesyndication.com/bg/ Frame FF04 36 KB
14 KB 75ms
68ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Eaz0IHujFkGwgw1wSqWcFoa2qhkXFFq07gGSCwbjNLA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11acf4207ba31641b0830d704aa59c1686b6aa1917145ab4ee01920b06e334b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 12:52:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14222
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 12:52:28 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 699F 143 B
166 B 55ms
49ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740249&bpp=2&bdt=313&idt=363&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lht7brUw7u&p=https%3A//en.firstgooal.com&dtd=367

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740249&bpp=2&bdt=313&idt=363&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lht7brUw7u&p=https%3A//en.firstgooal.com&dtd=367
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:32:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-clmdxsyzdj7kq-q7ywpj7jtiucvnhm-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 0CF5 247 B
869 B 225ms
73ms Document
text/html 142.251.208.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-clmdxsyzdj7kq-q7ywpj7jtiucvnhm-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740249&bpp=2&bdt=313&idt=363&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lht7brUw7u&p=https%3A//en.firstgooal.com&dtd=367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f3.1e100.net

Software

sffe /

Resource Hash

e2f88798f5fb5baa0881c617ff9887afdd68c5d195c1a51959a1395ebd05466f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-W8IBDGBnc6Ld3Oyo4HURlA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:35:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 15B2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb812dedfc4a051c83c1bd8b6a7cdeed096d2d8b61c40974a450ac8183fbcac3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9C0A 0
0 91ms
90ms Fetch
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CooacPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEhwJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtCiW5ltNfsSSu_R8IY45cyljZGz-fdU5pCvcIOWYzk_hQLwnX3ApoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MTE5MDIwNzA3ODI0NDI3GAA&sigh=YGpatSBc0BE&uach_m=[UACH]&cid=CAQSOwDUE5ym85auZvbfV5mi6OsJ_pb0qbYuqsjtK2XyYLiR9r_V9AEA3lQwv-oXVmIRhceuZ0WCttqY5spDGAEgEw

Requested by

Host: bangladeshembassy.bt
URL: http://bangladeshembassy.bt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=90&adk=786118409&adf=1588159632&pi=t.aa~a.2977023874~rp.4&w=1004&fwrn=4&fwrnh=100&lmt=1675175741&rafmt=1&to=qs&pwprc=3341669447&format=1004x90&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175741445&bpp=1&bdt=1509&idt=2&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d46747ecf8cf951-22134af07bdb009d%3AT%3D1675175740%3ART%3D1675175740%3AS%3DALNI_MZrbk9EArXXWI3FC4ZNFW_I00xp5w&gpic=UID%3D00000bad29b0f860%3AT%3D1675175740%3ART%3D1675175740%3AS%3DALNI_Mb7EBI2FrfZiLU1zqn7BV7D5v_fXg&prev_fmts=0x0%2C320x640%2C748x280%2C708x280%2C1004x280&nras=2&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=nXmgx21Dmq&p=https%3A//en.firstgooal.com&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Jan 2023 14:35:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 9C0A 0
0 110ms
31ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1h3ksyswtn3gk200h96asz5s7btcj5rag40qbmrydcdxv57w8c9gf04k6s2em29qymxabd6zrygm9gaff7h94j35qbgaq32p1twymr9vt4gmpskqt1bxc49qq8bj1xndhnx8qwanjpa1xfk95ew6yvxsmrt500s7jmvtsypb3469q0xhtyd3q0vd8zb2nv3j8zw5c9rb8sp0jmab7crqjyvywtg04bzqek25nbd6tv5czhxrq7tfrwajan4bcka4z248f6y1978ae87cm7apxj3te9dczwsmtq7m3dwk9g437axfvpdz82yb4a42wszxchvay3pxxrsygnw1bvqx6wkqx4fa08n7cmp8zjj1jxqjdj33eezgb38bgfrdsqtnwtbszqbnv0&b=Y9knPQAHyMkKGBoHAAsfuYBObnVOESQXhKGXog
Requested by: Host: bangladeshembassy.bt
URL: http://bangladeshembassy.bt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Jan 2023 14:35:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 3E38 2 KB
3 KB 120ms
50ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1het4fk97sg1rwwhqt4qrkfxky9kw72t7d4kv66cxtemsbrmhmdpdt8hea2e4dfbd2qcyvc5cd30421yd66xfa9399ygrckr776nqwe2ejp8asch0tatf07dhjbry59ekdvyz7vpcpfzwmfqnth7rtjwf9xfctcxmj1k28xczzx5fdxtba4qmsb8ar14adx1xdmfdsfxfd235qsg0tj4sj9kjemabxwkws1m9wcjt03ac9zpz63xsxmsv7ey573nstsypdz4ewx322fvbvawx9xt852tbj8q8rvmbypqc8vzwg9358byqbez1v6r2pkrqttnjf76bpzxxfmh8s550d3x43613mmzezf4zy8wnq8khkjv0582macgyxzasezpq3ggv18stnbexrdn9p5vfj9wq7sv1zs51zwp3qaq5v3s5nh9sfy3r48&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%26client%3Dca-pub-5119020707824427%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=90&adk=786118409&adf=1588159632&pi=t.aa~a.2977023874~rp.4&w=1004&fwrn=4&fwrnh=100&lmt=1675175741&rafmt=1&to=qs&pwprc=3341669447&format=1004x90&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175741445&bpp=1&bdt=1509&idt=2&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d46747ecf8cf951-22134af07bdb009d%3AT%3D1675175740%3ART%3D1675175740%3AS%3DALNI_MZrbk9EArXXWI3FC4ZNFW_I00xp5w&gpic=UID%3D00000bad29b0f860%3AT%3D1675175740%3ART%3D1675175740%3AS%3DALNI_Mb7EBI2FrfZiLU1zqn7BV7D5v_fXg&prev_fmts=0x0%2C320x640%2C748x280%2C708x280%2C1004x280&nras=2&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=nXmgx21Dmq&p=https%3A//en.firstgooal.com&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e5e9b26b6f97b8262211bb07e5f62949368f282e4d957573a2141508ba1cd1a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79232ce36f91d301-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:35:42 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 9C0A 3 KB
1 KB 30ms
26ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 12:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 12:56:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E7A8 1 KB
643 B 32ms
31ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 12432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 11:08:29 GMT
etag: 48472445140208031
expires: Wed, 01 Feb 2023 11:08:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 9C0A 18 KB
7 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9C0A 0
0 75ms
71ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOrHlbYXfkYgGVo-LE-u9goqeIoSTOZDLGbckT5QBnjaaw_IIRpWM6TtduR8HKvqCWHQn9p9nTTjDcNaKYf3WILjP3EQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=90&adk=786118409&adf=1588159632&pi=t.aa~a.2977023874~rp.4&w=1004&fwrn=4&fwrnh=100&lmt=1675175741&rafmt=1&to=qs&pwprc=3341669447&format=1004x90&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175741445&bpp=1&bdt=1509&idt=2&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d46747ecf8cf951-22134af07bdb009d%3AT%3D1675175740%3ART%3D1675175740%3AS%3DALNI_MZrbk9EArXXWI3FC4ZNFW_I00xp5w&gpic=UID%3D00000bad29b0f860%3AT%3D1675175740%3ART%3D1675175740%3AS%3DALNI_Mb7EBI2FrfZiLU1zqn7BV7D5v_fXg&prev_fmts=0x0%2C320x640%2C748x280%2C708x280%2C1004x280&nras=2&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=nXmgx21Dmq&p=https%3A//en.firstgooal.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C0A 157 KB
48 KB 55ms
52ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 14:35:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D681 0
0 87ms
87ms Fetch
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CukCNPCfZY8yuJ5OU7APl4au4CJiDmN5uh-z0iv8QjJ2ExP4OEAEgzsjsjgFg-wGgAaWRlqQoyAEBqQK_2Gm_FTSyPqgDAcgDywSqBJQCT9ANnYwWKq96f0Ms97ApWYE5kRA96GfjODVtX9GrBGIulIU2MQSZzFzCFOaEmdRZVXZR5uHtjIFBnNP8pF7bd41Se7uknGWhk8uFhyLcIZPJ7s-7lXCdovkqrZZjP5NUR1d2TEd4cuVEjNfgkt9od-X3vA1M-Ypu_jemJzv9Vso0YwQJmx14LyVIeNgI8WYLp8Y-kGwKPLDTk7s51p6Y4Pq29kPZAX5suMFtIYF3PUeG_ECJ2l0RtU2l0ypS5wwlAE_GWPI_80WCBAc0c1nS6UBoTCMt34-H6UUhe1AuXiTYM37d-BW26IFBYi2OoJ3FHGZrQF2uDCLn0SbPofyAIAo_QK1dQ1QLcdbG0eHRwT6LdUPvwASAq4mFpgSSBQQIBBgBkgUECAUYBIAHpcnmgwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDaMNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTUxMTkwMjA3MDc4MjQ0MjcYAA&sigh=LdNcAisQtvQ&uach_m=[UACH]&cid=CAQSGwDUE5ymNcUM1yLWPyJJ0T2fAXseGV7J83_lTxgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Jan 2023 14:35:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A9F9 143 B
166 B 44ms
41ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:32:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D681 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1172632581268c1589aa44318b9f8a133a47fb98c829694ddb078d7d08f130df

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Eaz0IHujFkGwgw1wSqWcFoa2qhkXFFq07gGSCwbjNLA.js Show response
pagead2.googlesyndication.com/bg/ Frame F48B 36 KB
14 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Eaz0IHujFkGwgw1wSqWcFoa2qhkXFFq07gGSCwbjNLA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740253&bpp=1&bdt=317&idt=379&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rfAofIGxAW&p=https%3A//en.firstgooal.com&dtd=382

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11acf4207ba31641b0830d704aa59c1686b6aa1917145ab4ee01920b06e334b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 12:52:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14222
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 12:52:28 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame 3E38 94 KB
12 KB 42ms
41ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1het4fk97sg1rwwhqt4qrkfxky9kw72t7d4kv66cxtemsbrmhmdpdt8hea2e4dfbd2qcyvc5cd30421yd66xfa9399ygrckr776nqwe2ejp8asch0tatf07dhjbry59ekdvyz7vpcpfzwmfqnth7rtjwf9xfctcxmj1k28xczzx5fdxtba4qmsb8ar14adx1xdmfdsfxfd235qsg0tj4sj9kjemabxwkws1m9wcjt03ac9zpz63xsxmsv7ey573nstsypdz4ewx322fvbvawx9xt852tbj8q8rvmbypqc8vzwg9358byqbez1v6r2pkrqttnjf76bpzxxfmh8s550d3x43613mmzezf4zy8wnq8khkjv0582macgyxzasezpq3ggv18stnbexrdn9p5vfj9wq7sv1zs51zwp3qaq5v3s5nh9sfy3r48&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%26client%3Dca-pub-5119020707824427%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1het4fk97sg1rwwhqt4qrkfxky9kw72t7d4kv66cxtemsbrmhmdpdt8hea2e4dfbd2qcyvc5cd30421yd66xfa9399ygrckr776nqwe2ejp8asch0tatf07dhjbry59ekdvyz7vpcpfzwmfqnth7rtjwf9xfctcxmj1k28xczzx5fdxtba4qmsb8ar14adx1xdmfdsfxfd235qsg0tj4sj9kjemabxwkws1m9wcjt03ac9zpz63xsxmsv7ey573nstsypdz4ewx322fvbvawx9xt852tbj8q8rvmbypqc8vzwg9358byqbez1v6r2pkrqttnjf76bpzxxfmh8s550d3x43613mmzezf4zy8wnq8khkjv0582macgyxzasezpq3ggv18stnbexrdn9p5vfj9wq7sv1zs51zwp3qaq5v3s5nh9sfy3r48&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%26client%3Dca-pub-5119020707824427%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674752855
age: 422286
cf-polished: origSize=97007
x-guploader-uploadid: ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 17:08:09 GMT
server: cloudflare
etag: W/"894b1310ad36469d313fb67e2899e78d"
vary: Accept-Encoding
x-goog-generation: 1674752889520716
content-type: text/css
x-goog-hash: crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hgd6VpVzAsei10bH2KimndQozbMb18TH47GdgfTt6xsHnFRdGELkaSysMjOxGVUHX8HfGDZQjq4w%2B7aRHFIcg%2BP3lIYw7BpUuVtz3GpSShewO9XttNu1w3G4zreeuPARxeuEzBrZa5g%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97007
cf-ray: 79232ce44857d301-CDG
expires: Tue, 31 Jan 2023 15:35:42 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 3E38 35 KB
12 KB 43ms
32ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1het4fk97sg1rwwhqt4qrkfxky9kw72t7d4kv66cxtemsbrmhmdpdt8hea2e4dfbd2qcyvc5cd30421yd66xfa9399ygrckr776nqwe2ejp8asch0tatf07dhjbry59ekdvyz7vpcpfzwmfqnth7rtjwf9xfctcxmj1k28xczzx5fdxtba4qmsb8ar14adx1xdmfdsfxfd235qsg0tj4sj9kjemabxwkws1m9wcjt03ac9zpz63xsxmsv7ey573nstsypdz4ewx322fvbvawx9xt852tbj8q8rvmbypqc8vzwg9358byqbez1v6r2pkrqttnjf76bpzxxfmh8s550d3x43613mmzezf4zy8wnq8khkjv0582macgyxzasezpq3ggv18stnbexrdn9p5vfj9wq7sv1zs51zwp3qaq5v3s5nh9sfy3r48&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%26client%3Dca-pub-5119020707824427%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 441802
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPaHbAd6Z24IYN9e67lHjPFBiJ%2BWTFvTSWXVHM4X%2Fi0yvskgd43XoJIRXs%2BnkbczIthfunwpFLk92%2B0YJ6QS2WZXHCRzj%2F0vHtDVA75hVg4WdW2H9FwivFemmJWkunIfk0GqFSA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 79232ce4686ad301-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 24 Jan 2023 15:04:21 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7A8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELmHFX659jHyYJuq8eRbAUk&google_push=Aa02lx8XJML38dbyF156D4cEa7v_LZUGeoCANXVeZHJaKwKGSVi6BkhrNu...

170 B
188 B

41ms
40ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELmHFX659jHyYJuq8eRbAUk&google_push=Aa02lx8XJML38dbyF156D4cEa7v_LZUGeoCANXVeZHJaKwKGSVi6BkhrNu1Z9Dbk81naI5YwKI6m2R2QJ6JBxIN98tZDVJw0Ts3rog

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:35:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-cdg20771-CDG
pragma: no-cache
date: Tue, 31 Jan 2023 14:35:42 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1675175742.329919,VS0,VE79
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELmHFX659jHyYJuq8eRbAUk&google_push=Aa02lx8XJML38dbyF156D4cEa7v_LZUGeoCANXVeZHJaKwKGSVi6BkhrNu1Z9Dbk81naI5YwKI6m2R2QJ6JBxIN98tZDVJw0Ts3rog
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7A8
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEfEti47GjWXanEgMFzQAPM&google_cver=1&google_push=Aa02lx98of3nPFDxBCPXOH9y2GWBkLEL6pRodlsuuFhqatTKh1Lqm0Y821uyAA_9ymFTTqKCo19YuYcrtWCgrOKgZ...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEfEti47GjWXanEgMFzQAPM&google_cver=1&google_push=Aa02lx98of3nPFDxBCPXOH9y2GWBkLEL6pRodlsuuFhqatTKh1Lqm0Y821uyAA_9ymFTTqKCo19YuYcrtWCgrOKgZ...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx98of3nPFDxBCPXOH9y2GWBkLEL6pRodlsuuFhqatTKh1Lqm0Y821uyAA_9ymFTTqKCo19YuYcrtWCgrOKgZBo-0U2YOyEDQw&google_hm=GFCrrGZHlxeNynubReSH...

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx98of3nPFDxBCPXOH9y2GWBkLEL6pRodlsuuFhqatTKh1Lqm0Y821uyAA_9ymFTTqKCo19YuYcrtWCgrOKgZBo-0U2YOyEDQw&google_hm=GFCrrGZHlxeNynubReSHKUkp

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:35:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 31 Jan 2023 14:35:42 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx98of3nPFDxBCPXOH9y2GWBkLEL6pRodlsuuFhqatTKh1Lqm0Y821uyAA_9ymFTTqKCo19YuYcrtWCgrOKgZBo-0U2YOyEDQw&google_hm=GFCrrGZHlxeNynubReSHKUkp
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E7A8
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJ7M_LeUeVL9m58usa4aCLE&google_cver=1&google_push=Aa02lx8M-8omAupefqRQao-f0Ber_BDowJIGvTK7pIE3EBocSFqYBx3xMjLFiJcx5_ATTCZHSkOnS84tgQZRdmdK...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8M-8omAupefqRQao-f0Ber_BDowJIGvTK7pIE3EBocSFqYBx3xMjLFiJcx5_ATTCZHSkOnS84tgQZRdmdKBYyaCL1T0AHB6g

170 B
329 B

53ms
52ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8M-8omAupefqRQao-f0Ber_BDowJIGvTK7pIE3EBocSFqYBx3xMjLFiJcx5_ATTCZHSkOnS84tgQZRdmdKBYyaCL1T0AHB6g

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:35:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 31 Jan 2023 14:35:42 GMT
via: 1.1 a798024c3ebeca4899e61296c596f4e0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CDG50-P4
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8M-8omAupefqRQao-f0Ber_BDowJIGvTK7pIE3EBocSFqYBx3xMjLFiJcx5_ATTCZHSkOnS84tgQZRdmdKBYyaCL1T0AHB6g
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 6StNAtxCj3_dd8aI7jFTD6QXaFElbAGib_CaJ5svCVZ4bZZTQkfRaQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7A8
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIFuqimvAbGbgJ3RwiG5ggU&google_cver=1&google_push=Aa02lx-7DxJ6D6IcgPZ5QY9XEYMuVJuvg0ocIZXb8Ta3gc6cXAKz1bzhCQWQFiiMAZ0p1OX29znhSx...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=Aa02lx-7DxJ6D6IcgPZ5QY9XEYMuVJuvg0ocIZXb8Ta3gc6cXAKz1bzhCQWQFiiMAZ0p1OX29znhSx_pFPYMfcA9gx7hBbXh8haRVw&google_hm=ODE2Mjg0...

170 B
188 B

37ms
36ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=Aa02lx-7DxJ6D6IcgPZ5QY9XEYMuVJuvg0ocIZXb8Ta3gc6cXAKz1bzhCQWQFiiMAZ0p1OX29znhSx_pFPYMfcA9gx7hBbXh8haRVw&google_hm=ODE2Mjg0MTcyMTY1MTE0NTcwOA%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:35:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=Aa02lx-7DxJ6D6IcgPZ5QY9XEYMuVJuvg0ocIZXb8Ta3gc6cXAKz1bzhCQWQFiiMAZ0p1OX29znhSx_pFPYMfcA9gx7hBbXh8haRVw&google_hm=ODE2Mjg0MTcyMTY1MTE0NTcwOA%3D%3D
date: Tue, 31 Jan 2023 14:35:41 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7A8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIG7m1nmOOLKunssNiHtQ7A&google_cver=1&google_push=Aa02lx9appA171aRGUg7_lkXZWv1e3kGpG7_dDvlthInUrQnmb8ErgtFQeaLg6jvPNJ-d2y64n...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIG7m1nmOOLKunssNiHtQ7A&google_cver=1&google_push=Aa02lx9appA171aRGUg7_lkXZWv1e3kGpG7_dDvlthInUrQnmb8ErgtFQeaLg6jvPNJ-d2y64n...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xSHhUYUFORTJ1RnZrZGJCUUNYTVdna0w0LkhCYVBlcH5B&google_push=Aa02lx9appA171aRGUg7_lkXZWv1e3kGpG7_dDvlthInUrQnmb8ErgtFQ...

170 B
188 B

40ms
39ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xSHhUYUFORTJ1RnZrZGJCUUNYTVdna0w0LkhCYVBlcH5B&google_push=Aa02lx9appA171aRGUg7_lkXZWv1e3kGpG7_dDvlthInUrQnmb8ErgtFQeaLg6jvPNJ-d2y64npW9Is5PF9bf1F1aJMQdphup0k33qg

Requested by

Host: en.firstgooal.com
URL: https://en.firstgooal.com/10191/tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:35:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xSHhUYUFORTJ1RnZrZGJCUUNYTVdna0w0LkhCYVBlcH5B&google_push=Aa02lx9appA171aRGUg7_lkXZWv1e3kGpG7_dDvlthInUrQnmb8ErgtFQeaLg6jvPNJ-d2y64npW9Is5PF9bf1F1aJMQdphup0k33qg
date: Tue, 31 Jan 2023 14:35:42 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame E7A8
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKkeTdUdNLX4S44U68oIaKc&google_cver=1&google_push=Aa02lx892jqUq77xfHVKDlGLuypdwunhXAjlOZPHk6SzpWPIAfm7GyqjACqqnRKezAWomd4Wr1y4EzGJeW3...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx892jqUq77xfHVKDlGLuypdwunhXAjlOZPHk6SzpWPIAfm7GyqjACqqnRKezAWomd4Wr1y4EzGJeW3tnkmiuUagtV1_nygTv7M
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

31ms
24ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: en.firstgooal.com
URL: https://en.firstgooal.com/10191/tesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:35:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7A8
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENL3q7FkoZloU6UlcbgooE8&google_cver=1&google_push=Aa02lx_gFuU_1MaS7...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENL3q7FkoZloU6UlcbgooE8%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mjk2MzAzNTExNTg0Mjg0MTg2Mg%3D%3D&google_gid=CAESENL3q7FkoZloU6UlcbgooE8&google_cver=1&google_push=Aa02lx_gFuU_1MaS7vgue71OFx5ML4BTy8...

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mjk2MzAzNTExNTg0Mjg0MTg2Mg%3D%3D&google_gid=CAESENL3q7FkoZloU6UlcbgooE8&google_cver=1&google_push=Aa02lx_gFuU_1MaS7vgue71OFx5ML4BTy8mPNLBOrAWOqPwO1IjbrvAlCz1o5n5o2dnzp7jfDlH9NOcwGGFkXpdqIBP6bkNfET6LznA

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:35:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 31 Jan 2023 14:35:42 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.33.144.176; 178.33.144.176; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: de96696c-9849-49b9-8154-efae84919c5d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mjk2MzAzNTExNTg0Mjg0MTg2Mg%3D%3D&google_gid=CAESENL3q7FkoZloU6UlcbgooE8&google_cver=1&google_push=Aa02lx_gFuU_1MaS7vgue71OFx5ML4BTy8mPNLBOrAWOqPwO1IjbrvAlCz1o5n5o2dnzp7jfDlH9NOcwGGFkXpdqIBP6bkNfET6LznA
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E7A8 0
130 B 140ms
48ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lwbxh7jRH9P2FnfG3MPOy0fVSiHnElaWSZN0jt71gfpzmrgCEP5uaHzfcoxIiN8syY1pbTsTnH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 9C0A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9d7f71a1634951d29f361e504d280613a29e8f6f74b702a42433ff9b20e274b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iframe.html Show response
p4-clmdxsyzdj7kq-q7ywpj7jtiucvnhm-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 0CF5 4 KB
2 KB 78ms
76ms Document
text/html 142.251.208.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-clmdxsyzdj7kq-q7ywpj7jtiucvnhm-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-clmdxsyzdj7kq-q7ywpj7jtiucvnhm-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-clmdxsyzdj7kq-q7ywpj7jtiucvnhm-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f3.1e100.net

Software

sffe /

Resource Hash

db5062f5f4d8eebb1d80b889636e97de6d515edc01abd4d0308d1c6bc95b64e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-clmdxsyzdj7kq-q7ywpj7jtiucvnhm-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1862
content-security-policy-report-only: script-src 'nonce-wgH95WaT2XgBzY-wHxEA6g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:35:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 699F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

93ms
68ms

Document
text/html

2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740249&bpp=2&bdt=313&idt=363&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lht7brUw7u&p=https%3A//en.firstgooal.com&dtd=367

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:35:42 GMT
expires: Tue, 31 Jan 2023 14:35:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:35:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A9F9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

126ms
101ms

Document
text/html

2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:35:42 GMT
expires: Tue, 31 Jan 2023 14:35:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:35:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Eaz0IHujFkGwgw1wSqWcFoa2qhkXFFq07gGSCwbjNLA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3EF2 36 KB
14 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Eaz0IHujFkGwgw1wSqWcFoa2qhkXFFq07gGSCwbjNLA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11acf4207ba31641b0830d704aa59c1686b6aa1917145ab4ee01920b06e334b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 12:52:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14222
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 12:52:28 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3E38 3 KB
4 KB 238ms
37ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2234
x-guploader-uploadid: ADPycdsyy3XiqRKYAMolTEAYALMVMLkBuE4wuf-4IY7Xkhz3scCzKEXoLCylnCQ3l46DZbKtLLnogBpNdxBH_xYpKnl7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rndpvR2TMlAWzAQX5aaN30lwlDT%2BIqhBQXkfiFeUeE5klDFnrqzZmiX6S3hBk1yCNFOqGghl4elLVLldLzO9Y2YMw2SR5tCkNsxpGwSpaibyMTHmHZB6zNzLlDBOnKyWCrb4TWUOg%2Ba01Q%2BsaOSWkSJk"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 79232ce74c2ef858-CDG
expires: Tue, 31 Jan 2023 14:26:03 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 7E02 2 KB
1 KB 45ms
44ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 968447
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 79232ce6f8d6d6e2-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 14:35:42 GMT
expires: Thu, 19 Jan 2023 19:22:47 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPUON%2F3ZyOGXuGWQok7AjAU3RtEjKiJYmPhfaL0Pw2aTsMZBGXLjuOODcCeZ29yhpHtm91obs9w5R2EzfTn9CThWIUtV%2FzU0kkgXPxj1La3L0KTFD29b6FlKCsRpe9R6J4WBQfQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 3E38 2 KB
2 KB 49ms
47ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 788c6024590f3f5d268bc3ab16a17ced9be38769269eb1b49a8e64147b58e1a3

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 31 Jan 2023 14:35:42 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBGPr0ZVsMKKk%2FgBTlbZGZ7GwHATmWRdJrDHi%2F4l04MlIhA1D5hyLtkQ9WdD9JAslpOxrC6M7PPztFBM4UqG4%2ByVDMUR3bJvp4KX3DI6Pu438YgpyDb2G1uxijWFT8gUsClYpZs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 79232ce7da1ff0ec-CDG
x-backend-server: aa-reachservice-group-europe-west1-b74t
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 68ms
41ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79232ce789b5f0ec-CDG
content-length: 24
content-type: text/plain
date: Tue, 31 Jan 2023 14:35:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGilvi9UXMetQLtjrqGLeChgdhyQjPm7XPSwJOtzeFiQ1%2FQYd%2B7QNy66mv3M7THUda8cccLH2pp75RTvGxfuY2hIZN%2B58P1uqDiHFaGdppV4DztlPOPeCQC%2BFS3wMAEJshVYS20%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-b74t

GET
H3 200 Eaz0IHujFkGwgw1wSqWcFoa2qhkXFFq07gGSCwbjNLA.js Show response
pagead2.googlesyndication.com/bg/ Frame 0408 36 KB
14 KB 30ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Eaz0IHujFkGwgw1wSqWcFoa2qhkXFFq07gGSCwbjNLA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1675175740&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F10191%2Ftesla-holds-its-own-bitcoins-during-the-fourth-quarter-2022&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175740249&bpp=2&bdt=313&idt=363&shv=r20230125&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5451336776532&frm=20&pv=1&ga_vid=1531602515.1675175741&ga_sid=1675175741&ga_hid=1901235164&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31071791%2C31071855%2C31071267&oid=2&pvsid=1753919314057433&tmod=862330402&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lht7brUw7u&p=https%3A//en.firstgooal.com&dtd=367

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11acf4207ba31641b0830d704aa59c1686b6aa1917145ab4ee01920b06e334b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 12:52:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14222
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 12:52:28 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 78ms
75ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230125&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88ba6ec9928023c2b0bc4ff07555f285507db51d02bf49cedc8221d4a086a7ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11091
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 2361 9 KB
4 KB 51ms
49ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=119648%2C15737%2C23302&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2C8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ&c=728&d=90&e=&g=715530e13f5ec94b376f1e19ea1d3bae%2F9175891953126779386&i=30425%2C2951%2C27349&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1675175742707&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g33bn2dbk9x4kaaz9pry4sz06678r1sy764mfeaf0ayh9vex213sne2rb5nncw5j4t4558ggfb3vrkx6efatyak5xf9ymme4908vnbsthpgeqqbs66ng5b1hfqptf19dhrderzf64fgpp284j1ptrbwx4g67rbytj5yc6y05gwnb33kp2hn94srmd1yb9s6n9fmfhjg6hjxbep2e4nse92ev8cg4g4mgphcd6pg383nn25r0jkwb4vwxwcmrbg440jjc68b42f03mzcwegg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e237528535190913a40085fcf34da95f4ed75e1f610082e839f8af1757a99983

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1het4fk97sg1rwwhqt4qrkfxky9kw72t7d4kv66cxtemsbrmhmdpdt8hea2e4dfbd2qcyvc5cd30421yd66xfa9399ygrckr776nqwe2ejp8asch0tatf07dhjbry59ekdvyz7vpcpfzwmfqnth7rtjwf9xfctcxmj1k28xczzx5fdxtba4qmsb8ar14adx1xdmfdsfxfd235qsg0tj4sj9kjemabxwkws1m9wcjt03ac9zpz63xsxmsv7ey573nstsypdz4ewx322fvbvawx9xt852tbj8q8rvmbypqc8vzwg9358byqbez1v6r2pkrqttnjf76bpzxxfmh8s550d3x43613mmzezf4zy8wnq8khkjv0582macgyxzasezpq3ggv18stnbexrdn9p5vfj9wq7sv1zs51zwp3qaq5v3s5nh9sfy3r48&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%26client%3Dca-pub-5119020707824427%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79232ce85b50d6e2-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:35:42 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 14:35:42 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame 2361 94 KB
12 KB 34ms
33ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C23302&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2C8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ&c=728&d=90&e=&g=715530e13f5ec94b376f1e19ea1d3bae%2F9175891953126779386&i=30425%2C2951%2C27349&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1675175742707&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g33bn2dbk9x4kaaz9pry4sz06678r1sy764mfeaf0ayh9vex213sne2rb5nncw5j4t4558ggfb3vrkx6efatyak5xf9ymme4908vnbsthpgeqqbs66ng5b1hfqptf19dhrderzf64fgpp284j1ptrbwx4g67rbytj5yc6y05gwnb33kp2hn94srmd1yb9s6n9fmfhjg6hjxbep2e4nse92ev8cg4g4mgphcd6pg383nn25r0jkwb4vwxwcmrbg440jjc68b42f03mzcwegg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C23302&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2C8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ&c=728&d=90&e=&g=715530e13f5ec94b376f1e19ea1d3bae%2F9175891953126779386&i=30425%2C2951%2C27349&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1675175742707&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g33bn2dbk9x4kaaz9pry4sz06678r1sy764mfeaf0ayh9vex213sne2rb5nncw5j4t4558ggfb3vrkx6efatyak5xf9ymme4908vnbsthpgeqqbs66ng5b1hfqptf19dhrderzf64fgpp284j1ptrbwx4g67rbytj5yc6y05gwnb33kp2hn94srmd1yb9s6n9fmfhjg6hjxbep2e4nse92ev8cg4g4mgphcd6pg383nn25r0jkwb4vwxwcmrbg440jjc68b42f03mzcwegg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674752855
age: 422285
cf-polished: origSize=97007
x-guploader-uploadid: ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 17:08:09 GMT
server: cloudflare
etag: W/"894b1310ad36469d313fb67e2899e78d"
vary: Accept-Encoding
x-goog-generation: 1674752889520716
content-type: text/css
x-goog-hash: crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxW1iE89q0eUJD9MUAls8fLSPOvLrO3OvXp2uVh6HWBMKpFCv4z3422YAV0GX08Wa7ImVtaqT7vElXnafJCTPHo1lJZWm%2B2NJdFxLrgnQf39F5oQ0F3XKrwCCKzYOto0jhNrEqGOBXE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97007
cf-ray: 79232ce8cbd9d6e2-CDG
expires: Tue, 31 Jan 2023 15:35:42 GMT

GET
H2 200 B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.
assets.ad4m.at/logo/ Frame 2361 3 KB
4 KB 50ms
32ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C23302&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2C8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ&c=728&d=90&e=&g=715530e13f5ec94b376f1e19ea1d3bae%2F9175891953126779386&i=30425%2C2951%2C27349&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1675175742707&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g33bn2dbk9x4kaaz9pry4sz06678r1sy764mfeaf0ayh9vex213sne2rb5nncw5j4t4558ggfb3vrkx6efatyak5xf9ymme4908vnbsthpgeqqbs66ng5b1hfqptf19dhrderzf64fgpp284j1ptrbwx4g67rbytj5yc6y05gwnb33kp2hn94srmd1yb9s6n9fmfhjg6hjxbep2e4nse92ev8cg4g4mgphcd6pg383nn25r0jkwb4vwxwcmrbg440jjc68b42f03mzcwegg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6662a88e91de4223a31c5ea17534f89906d0e40d33e5f07e84d5700b2836bbad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1722336
cf-polished: origFmt=png, origSize=14458
content-disposition: inline; filename="B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3490
cf-bgj: imgq:85,h2pri
last-modified: Fri, 07 May 2021 10:01:33 GMT
server: cloudflare
etag: "dab6e07cc0ddae30cee97f47f1ed718c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWtRcRM4LeQ99cEcK0C9XyVx6cn9O5Av28GrXiWbgATfU1kbqSUBQ3hxnwuxWgVKmS4yAHntrDGFY%2FKiDylm1WKiERnsMI3ESxDfQ3DSl4z%2BGij9IN6sKUEP3l6OYb9%2FDM04R4q57v7NAYAj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79232ce8dc4cd301-CDG
expires: Wed, 01 Feb 2023 14:35:42 GMT

GET
H2 200 E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
assets.ad4m.at/product_image/ Frame 2361 66 KB
67 KB 48ms
34ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C23302&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2C8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ&c=728&d=90&e=&g=715530e13f5ec94b376f1e19ea1d3bae%2F9175891953126779386&i=30425%2C2951%2C27349&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1675175742707&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g33bn2dbk9x4kaaz9pry4sz06678r1sy764mfeaf0ayh9vex213sne2rb5nncw5j4t4558ggfb3vrkx6efatyak5xf9ymme4908vnbsthpgeqqbs66ng5b1hfqptf19dhrderzf64fgpp284j1ptrbwx4g67rbytj5yc6y05gwnb33kp2hn94srmd1yb9s6n9fmfhjg6hjxbep2e4nse92ev8cg4g4mgphcd6pg383nn25r0jkwb4vwxwcmrbg440jjc68b42f03mzcwegg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f64fac551f092b7a83154182486fb538cc9da2b3c3e229781af358a9707946e9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1715773
cf-polished: origFmt=png, origSize=142926
content-disposition: inline; filename="E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67490
cf-bgj: imgq:85,h2pri
last-modified: Fri, 07 May 2021 09:55:07 GMT
server: cloudflare
etag: "094f912bcc63eefcc3e544b9efc88d5b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3lUEy8Q7pne28fGoDKeZglCxQaA7S2I62QZ4gPjf0oHMyqaZve7fDRxOeJTnaV4q0tCw48JqKny%2FWSR2EHvJWf3GFg8DHZ%2FzqH%2FJV6rI%2BXZmxa5LUu8R%2BKv%2FvdQ0TO7YKg7ZV8OGC%2FXOjyr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79232ce8dc4dd301-CDG
expires: Wed, 01 Feb 2023 14:35:42 GMT

GET
H/1.1 200
OK /
jpp.aircaraibes.com/ Frame 2361 43 B
2 KB 236ms
85ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jpp.aircaraibes.com/?t=P51125B56C8632157&argsite=oneidpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCEoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C23302&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2C8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ&c=728&d=90&e=&g=715530e13f5ec94b376f1e19ea1d3bae%2F9175891953126779386&i=30425%2C2951%2C27349&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1675175742707&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g33bn2dbk9x4kaaz9pry4sz06678r1sy764mfeaf0ayh9vex213sne2rb5nncw5j4t4558ggfb3vrkx6efatyak5xf9ymme4908vnbsthpgeqqbs66ng5b1hfqptf19dhrderzf64fgpp284j1ptrbwx4g67rbytj5yc6y05gwnb33kp2hn94srmd1yb9s6n9fmfhjg6hjxbep2e4nse92ev8cg4g4mgphcd6pg383nn25r0jkwb4vwxwcmrbg440jjc68b42f03mzcwegg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.131.136.1 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

front.netaffiliation.net

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:35:43 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.028832912445068
Connection: close
X-TRK-PROC: 70235
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 5
Server: nginx
Last-Modified: Tue, 31 Jan 2023 14:35:43 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
assets.ad4m.at/logo/ Frame 2361 14 KB
15 KB 67ms
53ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C23302&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2C8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ&c=728&d=90&e=&g=715530e13f5ec94b376f1e19ea1d3bae%2F9175891953126779386&i=30425%2C2951%2C27349&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1675175742707&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g33bn2dbk9x4kaaz9pry4sz06678r1sy764mfeaf0ayh9vex213sne2rb5nncw5j4t4558ggfb3vrkx6efatyak5xf9ymme4908vnbsthpgeqqbs66ng5b1hfqptf19dhrderzf64fgpp284j1ptrbwx4g67rbytj5yc6y05gwnb33kp2hn94srmd1yb9s6n9fmfhjg6hjxbep2e4nse92ev8cg4g4mgphcd6pg383nn25r0jkwb4vwxwcmrbg440jjc68b42f03mzcwegg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2578614
cf-polished: qual=85, origFmt=jpeg, origSize=19949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14750
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Jan 2020 09:30:38 GMT
server: cloudflare
etag: "154fb66239e650cf2764a96b35f0d921"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xJuVJuloR%2FAAqk%2F3m1DSLAAbCXfsY6BDEP4xuLYETzK2%2FVJWUrmqcn3CCwY24k1AHrJgCiirhXatk%2FU%2B4NUuRlX3KZOyut14GmWKDWKnyZJvPf%2BNCvuADUlDdHhs1Fu8ld8GK%2F5P9NCkkWT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79232ce8dc4bd301-CDG
expires: Wed, 01 Feb 2023 14:35:42 GMT

GET
H2 200 F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
assets.ad4m.at/ Frame 2361 274 KB
275 KB 65ms
51ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C23302&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2C8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ&c=728&d=90&e=&g=715530e13f5ec94b376f1e19ea1d3bae%2F9175891953126779386&i=30425%2C2951%2C27349&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1675175742707&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g33bn2dbk9x4kaaz9pry4sz06678r1sy764mfeaf0ayh9vex213sne2rb5nncw5j4t4558ggfb3vrkx6efatyak5xf9ymme4908vnbsthpgeqqbs66ng5b1hfqptf19dhrderzf64fgpp284j1ptrbwx4g67rbytj5yc6y05gwnb33kp2hn94srmd1yb9s6n9fmfhjg6hjxbep2e4nse92ev8cg4g4mgphcd6pg383nn25r0jkwb4vwxwcmrbg440jjc68b42f03mzcwegg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1625994
cf-polished: origFmt=png, origSize=547949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280758
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Jan 2020 15:34:15 GMT
server: cloudflare
etag: "f649a1d1393c254187d15397a3ff891b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsBzZkn203u8AkgXO%2FGjPbA7x9ERK%2FxvzAeD2Q6NaS8bVGFWOc8H8DbaiROOWxVVLKR%2Bj%2FAyoUtdBYU0579VQmQ3WpWz5oBaK6D2qlx%2BznW3lWg2E3%2BzlCplbjZyo8IyZyt%2BkGM8PF4GXMPA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79232ce8dc50d301-CDG
expires: Wed, 01 Feb 2023 14:35:42 GMT

GET
H2

200

img_13_13_23.gif
img.metaffiliation.com/4/58179/ Frame 2361
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

133 KB
133 KB

185ms
20ms

Image
image/gif

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C23302&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2C8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ&c=728&d=90&e=&g=715530e13f5ec94b376f1e19ea1d3bae%2F9175891953126779386&i=30425%2C2951%2C27349&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1675175742707&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g33bn2dbk9x4kaaz9pry4sz06678r1sy764mfeaf0ayh9vex213sne2rb5nncw5j4t4558ggfb3vrkx6efatyak5xf9ymme4908vnbsthpgeqqbs66ng5b1hfqptf19dhrderzf64fgpp284j1ptrbwx4g67rbytj5yc6y05gwnb33kp2hn94srmd1yb9s6n9fmfhjg6hjxbep2e4nse92ev8cg4g4mgphcd6pg383nn25r0jkwb4vwxwcmrbg440jjc68b42f03mzcwegg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F7F) /
Resource Hash: 66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:43 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 14:04:52 GMT
server: ECAcc (paa/6F7F)
age: 2731
etag: "5e15e184-21403"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135736

Redirect headers

Date: Tue, 31 Jan 2023 14:35:42 GMT
Strict-Transport-Security: max-age=63072000
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.059933185577393
Connection: close
X-TRK-PROC: 58179
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 3
Server: nginx
Last-Modified: Tue, 31 Jan 2023 14:35:42 GMT
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 2DA50BA4B30E68896D388657F0DD0AC1D219A23FD4846EB3858E4AF72DA355BD0FC39CAADD135A2255D673E979C674160ED856601426B42C40D9BCDC4D406CF0
assets.ad4m.at/logo/ Frame 2361 49 KB
50 KB 66ms
53ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/2DA50BA4B30E68896D388657F0DD0AC1D219A23FD4846EB3858E4AF72DA355BD0FC39CAADD135A2255D673E979C674160ED856601426B42C40D9BCDC4D406CF0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C23302&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2C8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ&c=728&d=90&e=&g=715530e13f5ec94b376f1e19ea1d3bae%2F9175891953126779386&i=30425%2C2951%2C27349&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1675175742707&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g33bn2dbk9x4kaaz9pry4sz06678r1sy764mfeaf0ayh9vex213sne2rb5nncw5j4t4558ggfb3vrkx6efatyak5xf9ymme4908vnbsthpgeqqbs66ng5b1hfqptf19dhrderzf64fgpp284j1ptrbwx4g67rbytj5yc6y05gwnb33kp2hn94srmd1yb9s6n9fmfhjg6hjxbep2e4nse92ev8cg4g4mgphcd6pg383nn25r0jkwb4vwxwcmrbg440jjc68b42f03mzcwegg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e97a16970b3c0282946c73892b6a8b07d8c95c588b6127417176fe1e87f247fb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500063
cf-polished: origFmt=png, origSize=104051
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50558
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Apr 2020 09:54:02 GMT
server: cloudflare
etag: "7a4502b01881c490069ab2174de5eabb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vz4WgAazMyhMbW5h9efDL%2BGbNGmkE7yui%2FnH28197QHaI0i%2FnXCZZOjitSXxlMIQQ4Qda%2FwQRD0eLXqJPqQVu2a1J87aFdPyalxO%2FFyMEfYJ3AvQrYkLl7OacE15GWQcVtrkGwp9v4EP4OBC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79232ce8dc4ed301-CDG
expires: Wed, 01 Feb 2023 14:35:42 GMT

GET
H2 200 C583719AF39194B61EAFCAF6A06967B3D55BE263D778BD79B1132ABB2E8DA28AB35D210D1DEA343FEBFC9F8569F533294B9D166BCBA43A074CFD3690C41D188A
assets.ad4m.at/product_image/ Frame 2361 43 KB
44 KB 67ms
53ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/C583719AF39194B61EAFCAF6A06967B3D55BE263D778BD79B1132ABB2E8DA28AB35D210D1DEA343FEBFC9F8569F533294B9D166BCBA43A074CFD3690C41D188A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C23302&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2C8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ&c=728&d=90&e=&g=715530e13f5ec94b376f1e19ea1d3bae%2F9175891953126779386&i=30425%2C2951%2C27349&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1675175742707&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g33bn2dbk9x4kaaz9pry4sz06678r1sy764mfeaf0ayh9vex213sne2rb5nncw5j4t4558ggfb3vrkx6efatyak5xf9ymme4908vnbsthpgeqqbs66ng5b1hfqptf19dhrderzf64fgpp284j1ptrbwx4g67rbytj5yc6y05gwnb33kp2hn94srmd1yb9s6n9fmfhjg6hjxbep2e4nse92ev8cg4g4mgphcd6pg383nn25r0jkwb4vwxwcmrbg440jjc68b42f03mzcwegg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNqNPSfZY8mRH4e0YLm_rKAD4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi01MTE5MDIwNzA3ODI0NDI3yAEJqQK_2Gm_FTSyPqgDAaoEigJP0KLqJJ1iZF_I7VlWZ0Kf73i7msLRYRrUdeKoD3FxrzdfuF322hSM7_tmvWwHKw8wwhmL8xt3fWjWa35vUKe1QbKEVafiI26QaRaAeQLcxE7jQvUsp82g7bkRpQJ3Qn-slv3nbfXwcNGtyTqS56Th2aFLzRmZ7UnT469xMOG7wNcmSRjQhV1QYkPXhD19X0ErZw5mXgcYrwE_Y-azMpLY4oWfFRZCiy7_RYKN_WAJ-slR2BoVftaKvvAZh-0oBwVJcfG0hA5hQwQyryCr77s_4Op2JcA3Isf40VgjvB3zZtDgWbj_4gKVCidW7E6ZhQ8syYq5VP16_hlxyeNV4NAuqRolQeKAbpDHwoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3Lp-xd3GAagAh2LlxeDQ_Cib4dwg%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5118f5fe0ddbf3888d461e29d30d11f6b01b32ef178381d2259dd4bbdd88ebc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 491996
cf-polished: qual=85, origFmt=jpeg, origSize=102472
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44412
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Jul 2021 09:48:28 GMT
server: cloudflare
etag: "d308a34122a97b371964832dabfe9056"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LA7MAOWY3KxjoQYZMrNR3UNKWL%2BWiWs4OwsHkApifNXkUisA6t6gxzmru3xD7Eka%2BQJww56NtzDRMWGqbhN08VZyRifZ%2FiUp%2FNxQHYk6MnUWBytYDrWfPSqubjX8h08U1lsjBlqe4phFtOAU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79232ce8dc4fd301-CDG
expires: Wed, 01 Feb 2023 14:35:42 GMT

GET
H/1.1 200
OK /
vcb.happ-e.fr/ Frame 2361 43 B
2 KB 141ms
65ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vcb.happ-e.fr/?t=P4B11756C8631B27&argsite=oneid8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJskoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.131.136.1 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

front.netaffiliation.net

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:35:42 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.015775918960571
Connection: close
X-TRK-PROC: 45335
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 6
Server: nginx
Last-Modified: Tue, 31 Jan 2023 14:35:42 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 66A2 13 KB
5 KB 29ms
26ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 1070
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:17:52 GMT
expires: Wed, 31 Jan 2024 14:17:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 926A 783 B
536 B 64ms
64ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5cc83d2c75945fd6750b2332c637c436d4f40c6b94020016730fef9768b18f0d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GAEwczgf6s_w1UokRTZ95A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-GAEwczgf6s_w1UokRTZ95A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:35:42 GMT
expires: Tue, 31 Jan 2023 14:35:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Eaz0IHujFkGwgw1wSqWcFoa2qhkXFFq07gGSCwbjNLA.js Show response
pagead2.googlesyndication.com/bg/ Frame 66A2 36 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Eaz0IHujFkGwgw1wSqWcFoa2qhkXFFq07gGSCwbjNLA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11acf4207ba31641b0830d704aa59c1686b6aa1917145ab4ee01920b06e334b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 12:52:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14222
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 12:52:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 926A 0
0 64ms
62ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230125&jk=1753919314057433&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 15B2 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0dLZbyckUCg36hIbyiKtA3yS514RLS2ZNaxjiZXHJhqFy_xPxe9kt9E6nwzfTHZ7Xj27TIIVuW0GNEpxL-2sBCA-2BLuvdA3ePWl6iYtZVouMvci2KzgR2tf0vK3qF7C9K1RgjQ&sai=AMfl-YQMOM4s0APV4SDOhdZsjGGxo6v7Z6ZZkuj0RdAnsikib8pzI6JrZXzoSgspgEqOdzjKh2LGDAVEdQIJHNM&sig=Cg0ArKJSzGriuzWC5SKoEAE&cid=CAQSGwDUE5ymcAGLzG62SON68kGtKu9CasyQqpLBlxgBIBM&id=lidar2&mcvt=1001&p=0,164,280,584&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3602340273&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675175740617&rpt=1326&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:35:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 66A2 0
10 B 26ms
26ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bAEceQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:35:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D681 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvehTKKyOqTpajSdTHyVej-zuL5hV-mHpRYdEMVpNh5-vKx2Vd2dSJDBY2WuIO5LPqDU-_OjfQfrYahOuUX4q-y5clCz9kjFhZD_Vz7Cjw8tN71tfMfv76wdFyXXDVpKLMX3kt9xg&sai=AMfl-YRIb6hlW_szgWvviBhIq3AfOyXS-7Ojc6ONLo98267Bb8Ri2VPt8uVRRTXVSXt23xOusTTqXSI5vSjLABE&sig=Cg0ArKJSzBw7stxj2JuREAE&cid=CAQSGwDUE5ymNcUM1yLWPyJJ0T2fAXseGV7J83_lTxgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=470,1000,1000,1000,1000&tos=470,530,0,0,0&v=20230130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675175741521&rpt=771&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:35:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
63ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230125&jk=1753919314057433&bg=!0dKl0pbNAAbFy4Ck5cs7ACkAdvg8WmnjA0UoSRXTolQippqPBj7mZEvoJAIckl8u5BpCkt-BoHZxHwIAAABkUgAAAARoAQeZAqGx2RkPvJZ-G1fkZ1i4Y6traafFPyqYyS15TA_d9y-nJfUxD7MC5P_wvS10FbZeTl5y0E4oS2RxylpXyYKZna5tUzSTIYp70BH6ljgUmRFoYVDRG42_pnAwSl1OiB0dQ-pVvHJSJaZbG1Z9lfA38nNH4clZTIi1XbRrq32zQLgtCmPpzGNYmWyEcHLJdpkRP4ZoTZCv35hu_LHBzSnET3K2zBlfhEgA3j6I0v6u-EARMknZ9K9AFAg8ogT643wSG_ybjJru55mu1NDhqQc0DeW-Y8RGVqdX5eRCfMkK5qBrzasj7XSDPglWvlfnX41_8nsZYBmpIE8gjXYGozG9vcwSoxlgBUwAKGUDWaHnrQ78lj2IyRB6IDhn2DSV9h0YJvMDj7ajyi5o4-vnJRomqW3_DEC2Yp-rI1eOvQ2D0Efnd218dglqEV6F5Gd4cVxoeE1GD_hkIgw-WqEg2JkSX5f6lUKlFlpaO0_62NiGUU3YzUXSTt7mjKHuFAFvjNX1hR3cxEwBpeh6676JQ4Sv_eXcNjOByOH1KUrIq9LSq4w9ZynDZSow5C4P4kgpLrhVbD3QqY22MBhgOsr2JbTTNN_temxl_mKImPdIf6XylPSsQP2tOz_Q67zR0gDKZv-ys-R1IG23VvANWKaWLM3mrZ7aT89sbg4Pz8b9Nt-A_tAG88ReCT04VvhOILD125z-wYdi6wvxTOeHmZuZTfbRIv6xFUkDh1o3Kl_ylyRDh_TqSkyJ2H78ycCYM7nJpk1KGtTfwsnT67QAv7VniNuzRREFt8RnXUhQD0D8DzICB-WY2tOi1QKMzkb4umv34dt3gxkI8iHwYwnVOoEsqVDzUW5WBhrb_tUgpu7094lKq0royPxFl7_tKgtehsoHj_Wa_hVH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lbz.bz/	1970-01-20 18:05:11	Name: __ddg1_ Value: cX9th3ghVGLCwyxbnhPL
.google.com/	1970-01-20 18:49:22	Name: __Secure-ENID Value: 10.SE=Zzu7oy2GzK5s6ue4K_Q11m6X_eikxCSXDeXHpjwuhS7OFfSAZaKIF9Wb5rSyGAoUXmC_ARntU4grcmqqgOMMvfgGTagbMQMOhK-CMOQk3eMDk0GXdV_EJkE_eFYbeovxQmn_BxKVlSTsB3WWIBt_9WYCL6QXO5luxEEaBCrXDY8
.google.com/	1970-01-20 18:55:35	Name: CONSENT Value: PENDING+283
en.firstgooal.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3e7ec865b7d736d01dce33ff3c68dd83
en.firstgooal.com/	1970-01-20 09:22:28	Name: qa_key Value: yg4ktmjhqwvb9ifcis7leh21m2h7l9eu
.firstgooal.com/	1970-01-20 18:55:35	Name: _ga Value: GA1.2.1531602515.1675175741
.firstgooal.com/	1970-01-20 09:21:02	Name: _gid Value: GA1.2.1146544380.1675175741
.firstgooal.com/	1970-01-20 09:19:35	Name: _gat_gtag_UA_62733008_15 Value: 1
.firstgooal.com/	1970-01-20 18:41:11	Name: __gads Value: ID=2d46747ecf8cf951-22134af07bdb009d:T=1675175740:RT=1675175740:S=ALNI_MZrbk9EArXXWI3FC4ZNFW_I00xp5w
.firstgooal.com/	1970-01-20 18:41:11	Name: __gpi Value: UID=00000bad29b0f860:T=1675175740:RT=1675175740:S=ALNI_Mb7EBI2FrfZiLU1zqn7BV7D5v_fXg
.doubleclick.net/	1970-01-20 18:41:11	Name: IDE Value: AHWqTUkChq0pzcmQilWxWRWceX8L2oZMtyvV43gteOIShf3wgao_x8X5i6hD7e-CBMA
.doubleclick.net/	1970-01-20 09:19:36	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 09:19:39	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 11:29:11	Name: uuid2 Value: 2963035115842841862
.lijit.com/	1970-01-20 18:05:11	Name: ljt_reader Value: GFCrrGZHlxeNynubReSHKUkp
.everesttech.net/	1970-01-20 18:05:11	Name: everest_g_v2 Value: g_surferid~Y9knPgADa4gAZwAb
.smartadserver.com/	1970-01-20 18:49:50	Name: pid Value: 8162841721651145708
.yahoo.com/	1970-01-20 18:05:33	Name: A3 Value: d=AQABBD4n2WMCENQjJdfbLs6IRSEaXgsA_G0FEgEBAQF42mPjYwAAAAAA_eMAAA&S=AQAAAirbofV3d5GdO5sxvRFF7ms
.analytics.yahoo.com/	1970-01-20 18:05:11	Name: IDSYNC Value: 18yx~29qe
.happ-e.fr/	1970-01-20 10:45:59	Name: neta_ssc Value: d4d6f4264puunmudijnjh7t48z2e
.happ-e.fr/	1969-12-31 23:59:59	Name: netases_ssc Value: d4d6f4264puunmudijnjh7t48z2e
.happ-e.fr/	1970-01-20 10:45:59	Name: kwknc_ssc Value: dp4b11756c8631b27-b25laWQ4TUVjRGZycHRnRUpoZ0hKSEV0eHRRREdmUFR3VDhKSnNrb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.happ-e.fr/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp4b11756c8631b27-b25laWQ4TUVjRGZycHRnRUpoZ0hKSEV0eHRRREdmUFR3VDhKSnNrb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.metaffiliation.com/	1970-01-20 10:45:59	Name: neta_ssc Value: 728cf4264puuz6yerwcl125vikvs
.metaffiliation.com/	1969-12-31 23:59:59	Name: netases_ssc Value: 728cf4264puuz6yerwcl125vikvs
.metaffiliation.com/	1970-01-20 10:45:59	Name: kwknc_ssc Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.metaffiliation.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.aircaraibes.com/	1970-01-20 10:45:59	Name: neta_ssc Value: e801f4264pux3zi6hrarqnn5d66f
.aircaraibes.com/	1969-12-31 23:59:59	Name: netases_ssc Value: e801f4264pux3zi6hrarqnn5d66f
.aircaraibes.com/	1970-01-20 10:45:59	Name: kwknc_ssc Value: dp51125b56c8632197-b25laWRwQVpUMWZNeEZtWmJydWtINEhtdHp0ZDFLYWdUUlRFWFhDRW9uZWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g2MV9UZWNo
.aircaraibes.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp51125b56c8632197-b25laWRwQVpUMWZNeEZtWmJydWtINEhtdHp0ZDFLYWdUUlRFWFhDRW9uZWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g2MV9UZWNo

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

action.metaffiliation.com
ad4m.at
adservice.google.com
adservice.google.fr
ap.lijit.com
as.ad4m.at
assets.ad4m.at
bangladeshembassy.bt
cm.g.doubleclick.net
en.firstgooal.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.metaffiliation.com
jpp.aircaraibes.com
lbz.bz
onetag-sys.com
p4-clmdxsyzdj7kq-q7ywpj7jtiucvnhm-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
prod-rtb.ad4mat.net
s.ad.smaato.net
secure.adnxs.com
ssbsync.smartadserver.com
static-de.ad4mat.net
sync-tm.everesttech.net
tpc.googlesyndication.com
ups.analytics.yahoo.com
vcb.happ-e.fr
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.226
142.251.208.163
151.101.194.49
18.156.0.31
185.86.139.93
190.115.26.9
192.229.220.129
2405:d000:0:100::216
2600:1901:0:76b9::
2600:9000:2450:200:1b:5138:8a40:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:400d:805::2003
2a00:1450:400d:806::2002
2a00:1450:400d:806::200e
2a00:1450:400d:80a::2002
2a00:1450:400d:80d::2004
2a06:98c1:3120::c
37.252.171.53
51.75.86.98
72.251.249.9
95.131.136.1
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1172632581268c1589aa44318b9f8a133a47fb98c829694ddb078d7d08f130df
11acf4207ba31641b0830d704aa59c1686b6aa1917145ab4ee01920b06e334b0
16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd
16f47ed4e5c161683f95ff76d8fd7a498b099b0059534f141cadef3c08938baf
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48d3c7f81942ca87ef72738e4bfb4865cbc3240fef90e4559bdbe6f26639dac9
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4e5e9b26b6f97b8262211bb07e5f62949368f282e4d957573a2141508ba1cd1a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5cc83d2c75945fd6750b2332c637c436d4f40c6b94020016730fef9768b18f0d
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6662a88e91de4223a31c5ea17534f89906d0e40d33e5f07e84d5700b2836bbad
66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c
682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2
6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158
6fd51607559ac82e66145961ac8f9bbfc15ae856e08738361ad03ca485aa863c
788c6024590f3f5d268bc3ab16a17ced9be38769269eb1b49a8e64147b58e1a3
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db
828ef4e9fb71fa7857435101225e145e59fbb3c55f2bf1b0fd87254e926fae08
843626bc444a5588db3e641d80d1b695d0118249dc54465c7205a07424e9eb66
88ba6ec9928023c2b0bc4ff07555f285507db51d02bf49cedc8221d4a086a7ca
8c54c7436a7bd1954feb6fb5d37a8f823bf121b6d83602b7df636037677a2ae5
8e60b0a1061d7f8051191eb39654f1b849f5fb028b5aa5506680e4d489e10a74
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
95a30069224b8e6788bb5e1671ae65eabe4693d9f9613dab4a60235f54cf3435
98a03cded6a2bd3976ad215e9f51af528f6be61edf3666ea4656e35a87f13687
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9eea40226a494a2f448aec63716bd18b1c9c8a6917df37822dfee61833a87199
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d13857543580c63a93bbf2571fc7fe70ec78a0477638db688fc46eef7bdc0d
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
b511b5104524c0b25f553fbaa7c6d92564f0770a222d9ad642bffa36aa3920d6
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3
b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17
b82e9bfa9737667956a8f677f722f6da5f8c69ec3677bc4bef06994dd6a7160a
b9d7f71a1634951d29f361e504d280613a29e8f6f74b702a42433ff9b20e274b
c0ae2d442cc484998ab9e18a8eb9876df598ba78a829546799e11654b061da51
c5118f5fe0ddbf3888d461e29d30d11f6b01b32ef178381d2259dd4bbdd88ebc
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
db5062f5f4d8eebb1d80b889636e97de6d515edc01abd4d0308d1c6bc95b64e7
dbe00df6dfadfde1c57a89711af77f5b5664faa226eef59ef81de7d5f4c66acf
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
df6ee020b739af6892dae132eee5ae4468ed717106b8401ca6d6d00a301d85a5
e237528535190913a40085fcf34da95f4ed75e1f610082e839f8af1757a99983
e2f88798f5fb5baa0881c617ff9887afdd68c5d195c1a51959a1395ebd05466f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2
e97a16970b3c0282946c73892b6a8b07d8c95c588b6127417176fe1e87f247fb
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ec0fc8819adafe512fc2b23e18e7e4b45d8983bdf32bcd95e1a578f0108a4a
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f63156da31a7fee260b5f31fd30da3b436bb5cbeeef69575f8da5a0e027ed4fb
f64fac551f092b7a83154182486fb538cc9da2b3c3e229781af358a9707946e9
f7c30be38256439548eeecbc369974703ebad100774e574e5c9a304c7fed2fc3
fb812dedfc4a051c83c1bd8b6a7cdeed096d2d8b61c40974a450ac8183fbcac3

en.firstgooal.com Open in urlscan Pro 2a06:98c1:3120::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

93 %HTTPS

63 %IPv6

25 Domains

34 Subdomains

24 IPs

7 Countries

1960 kBTransfer

3976 kBSize

31 Cookies

2 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

en.firstgooal.com Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

93 %
HTTPS

63 %
IPv6

25
Domains

34
Subdomains

24
IPs

7
Countries

1960 kB
Transfer

3976 kB
Size

31
Cookies

123 HTTP transactions
7 data transactions