top4top.io Open in urlscan Pro
188.165.137.170 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://g.top4top.io/
Effective URL:
https://top4top.io/
Submission: On August 25 via manual (August 25th 2022, 6:10:37 am UTC) from AU — Scanned from FR

Summary HTTP 147 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 26 IPs in 8 countries across 16 domains to perform 147 HTTP transactions. The main IP is 188.165.137.170, located in France and belongs to OVH, FR. The main domain is top4top.io. The Cisco Umbrella rank of the primary domain is 359748.
TLS certificate: Issued by R3 on July 13th 2022. Valid for: 3 months.

This is the only time top4top.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	163.172.24.234 163.172.24.234	12876 (Online SAS) (Online SAS)
1 3	188.165.137.170 188.165.137.170	16276 (OVH) (OVH)
16	2606:4700:303... 2606:4700:3033::6815:589	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 1	51.158.152.62 51.158.152.62	12876 (Online SAS) (Online SAS)
1	65.21.235.194 65.21.235.194	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
21	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
7	23.47.209.169 23.47.209.169	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	18.132.175.146 18.132.175.146	16509 (AMAZON-02) (AMAZON-02)
1	52.56.103.253 52.56.103.253	16509 (AMAZON-02) (AMAZON-02)
7	23.47.213.170 23.47.213.170	16625 (AKAMAI-AS) (AKAMAI-AS)
147	26

1 163.172.24.234 (France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 163-172-24-234.rev.poneytelecom.eu

g.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.165.137.170 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip170.ip-188-165-137.eu

top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3033::6815:589 (United States)

ASN13335 (CLOUDFLARENET, US)

s.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.152.62 (Amsterdam, Netherlands) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 51-158-152-62.rev.poneytelecom.eu

b.top4top.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.21.235.194 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.194.235.21.65.clients.your-server.de

h.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.153 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.47.209.169 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-169.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.175.146 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-175-146.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.56.103.253 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-103-253.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.47.213.170 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-213-170.deploy.static.akamaitechnologies.com

havasfrorangedcmdisplay758646212611.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	617 KB
22	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 ad.doubleclick.net — Cisco Umbrella Rank: 206 cm.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303	175 KB
21	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	111 KB
21	top4top.io 2 redirects g.top4top.io top4top.io — Cisco Umbrella Rank: 359748 s.top4top.io h.top4top.io	389 KB
9	moatads.com z.moatads.com — Cisco Umbrella Rank: 423 geo.moatads.com — Cisco Umbrella Rank: 653 mb.moatads.com — Cisco Umbrella Rank: 662 px.moatads.com — Cisco Umbrella Rank: 469	112 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	71 KB
7	moatpixel.com havasfrorangedcmdisplay758646212611.s.moatpixel.com — Cisco Umbrella Rank: 267331	2 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	173 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 286 fonts.googleapis.com — Cisco Umbrella Rank: 54	36 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	3 KB
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 34461	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 882	644 B
1	top4top.vip 1 redirects b.top4top.vip	108 B
147	16

	Domain	Requested by
27	tpc.googlesyndication.com	googleads.g.doubleclick.net top4top.io tpc.googlesyndication.com pagead2.googlesyndication.com
21	s0.2mdn.net	top4top.io s0.2mdn.net
19	pagead2.googlesyndication.com	top4top.io pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
16	s.top4top.io	top4top.io s.top4top.io
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com top4top.io googleads.g.doubleclick.net
7	havasfrorangedcmdisplay758646212611.s.moatpixel.com	googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
6	px.moatads.com	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net top4top.io
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	top4top.io	1 redirects top4top.io
2	googleads4.g.doubleclick.net	top4top.io
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.fr	pagead2.googlesyndication.com
2	www.google-analytics.com	top4top.io www.google-analytics.com
1	mb.moatads.com	z.moatads.com
1	geo.moatads.com	z.moatads.com
1	z.moatads.com	s0.2mdn.net
1	fonts.gstatic.com	fonts.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	h.top4top.io	top4top.io
1	b.top4top.vip	1 redirects
1	ajax.googleapis.com	top4top.io
1	g.top4top.io	1 redirects
147	29

This site contains links to these domains. Also see Links.

Domain
download.top4top.io
twitter.com
t.me
cutt.us.com
0i.is
cutt.us

Subject Issuer	Validity	Valid
top4top.io R3	`2022-07-13` - `2022-10-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://top4top.io/
Frame ID: 25A16D790858F396348F357CA74ADB1B
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html
Frame ID: D10C465C49FD026A3BC08A4CFD6DE0F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&adk=1812271804&adf=3025194257&lmt=1661407832&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftop4top.io%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661407832135&bpp=4&bdt=364&idt=173&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3569785208088&frm=20&pv=2&ga_vid=2003086748.1661407832&ga_sid=1661407832&ga_hid=1503419825&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531513%2C31069049%2C31067826&oid=2&pvsid=3385358624880952&tmod=1234298465&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=192
Frame ID: 785FF95F26FA699B372FCC062F3DAF8F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=9265664435&adk=1798011881&adf=3330382181&pi=t.ma~as.9265664435&w=1140&fwrn=4&fwrnh=100&lmt=1661407832&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661407832139&bpp=2&bdt=369&idt=191&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569785208088&frm=20&pv=1&ga_vid=2003086748.1661407832&ga_sid=1661407832&ga_hid=1503419825&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531513%2C31069049%2C31067826&oid=2&pvsid=3385358624880952&tmod=1234298465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7OZ6pbwsUm&p=https%3A//top4top.io&dtd=194
Frame ID: 11D996C4A81ED0793ABA5307C49E6898
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=2740616398&adk=1148954392&adf=2723329071&pi=t.ma~as.2740616398&w=1200&fwrn=4&fwrnh=100&lmt=1661407832&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661407832141&bpp=1&bdt=371&idt=197&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=3569785208088&frm=20&pv=1&ga_vid=2003086748.1661407832&ga_sid=1661407832&ga_hid=1503419825&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531513%2C31069049%2C31067826&oid=2&pvsid=3385358624880952&tmod=1234298465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=zVEvEhmoQc&p=https%3A//top4top.io&dtd=200
Frame ID: 7E7CAA891A4575355CD9E68DC2DF6B5B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4629642090448662295/banner/970x250_FR01/index.html
Frame ID: E28B1ECF6A8FF5815BF28E0D51426110
Requests: 7 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27447305.331398891;dc_pre=CK3u3b2q4fkCFVnmuwgd7wIAzg;dc_trk_aid=523637854;dc_trk_cid=168132659;ord=1098277287;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: D0DF764166756A63808876A6E725E6AF
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 56F79BC7A173BA8D03318E9B991C6830
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Frame ID: BCB7B83D9D723C9F628338315A42EEE3
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7060323BBE65ECAEBDD7CA1F95C8C892
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCX9ucBGKXJqc4BMAE&v=APEucNXG0ZxtsUsTjJK8_UampRQsiLmbdpF811hv6uYKRoaHNb18LvIDCKrYQZWF9Oz688_My3enk2EC4uS3oVepjftKTNg3ZYgnwP31Y4fy2Nf-ee6qkUJWeIJy9gcr2lfyWkoiCUcQr9rDO-sYvmLbUY3I7VGQoSw5-FImhb878hZkJZfE5bw
Frame ID: 2D6D30153A2B26773D5B4B68A3B3995B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKJCOgyqvcfQ8lUQhbznhMbCOk9o8p-_ETlMbGDw-IpIy3bHcyvDUizyBuBXsPZ1CWuY4MBaRKjnYCNv6ng5nSNXuyc-wZRZ7FOn_QF86OsLmBx1ziy50n0ZFYqUMeg3tJkiVAtrIG75iMCeSLT_orhwu66A&dbm_d=AKAmf-Dm3tkLvSvIuRbxoK5my_vgRAEkOK7GgzfQLwPqxGzT4MYMrzn-kjASPe_-fg8d-lWmsINFaLxMuZ0hyNiaL5feIr1KAehm1HeyQVA-9cAwJRWV2it6PRkhbvEutDzTsznKo1-CCbXin9bmnVg-CntFlx5GrWb7l-fn_cOE9KnG2v21bPQ6g-sYAvhlgeG3qiWU7bAGCLJPlK64Kgf0WJQ2K2fzK7KFwH4ngjEWyR4vZOL0bnGOGwLPjHuuunx_qJ8n0DD_RcmJBKbqWL63Ol1eqyq4wHajdla39IPA6SmjlZV9ozmkc0d-VyulwZKiKe8uLpgltPBy3Ts9bvzyZETBYwLGFJaoa7P75EndON2lnL6jN2rKlnrevmu5FDSppbAjHgZ_fuLMrsM2g42xZYBt9bjItpyi__k1-Ehc6x-Mqo2PRW1bTijmp08fOILzYPS08q8Z8e1fKP1sbUVj8VFGW1ivE96ufffVWkHbbup2u3Sa3nGyF_Lqrrl5YW5bx7BdWhtOT3KVTavZmd8e7kVG2IvOwzwD9YWBVllk8sFSVpmmgkP51AsGtiEGVaVyGvF5A_C1slcS9LwKa-ji1IoE3Qd4M2CIFrcN_G_cEUAR7PPdgyWtr5CowSDZWd_QKEae1w-rpo7N6SboRjvNYp3r77Oqxy8TDKNHUiC5qudqcS52qtVMTnnloeAA_VKM4aqSI4Ogs0JR66hcI_EFFntT21jLXC2pzbJJQ1-ALZBeZRSYnnI7dCgWxAdzo3qtR483SVG_RF5pUnNmv5puokuoGoIUfMhuyzU0y-l5L_9s198XN46RJstn6cB1C7gpe4gcgQAKZOPo2zctlle8ZXT5HFJ8xEj4SHUwul1-oZgsVIUltvOFGiVwzsPWwwCvaBSM9KLI6jmVWDd75qK0o5QSXgPDAyWZubICigVwgdSiTyfp-GnwPyRKTfVAmU3vTB2HmxgbgpjEvFMR0-2S8YUhZvuMq_e_3hsDi3PH2HyKKw14x-_iFxB8U_GB_Mz7I0xqgMZH1Qho_8BFKvEofGEbORJZYlcXDGz8nChDuF0r8Va5mrcOCOOgrJGfVxuRBp__BeE1vOfqCe102F8TrOGlB6LzmjnXqFMBS2kpU8JVFaD0sdljjQHwfk3tRvx42RZWPmCVyElAVB9-ekfZTuGbENmFST4isdUc8AapcOJn2mP7DNDejvS1KkbW-nEugO408DDBSC6B3WmUqP6KRDKf7yoxHwYZrzbwUic3PIT6Zk72MATHZx6EqdBv9iulHcD8eUar6-f5lYfTIS_KaSEORC_fjh0EdZCf3qUh6n1eF6jCcbW8fKu8RWCv7AEBTSNYE4GMSSGTD6eIcZVuuWzaRbGui_uf-k2t3Ut-l6oLBGnTihvTpgX5TR4GbqBi5UViyeFMWDGY34PmJaoD4HoRwYCYsJHNjDW9EA15kEnL3Nc_HpfVmLT2Ce9Jsebf3WsNi8WEDqgFbqzGF6y2MSwqoavJXoPLy-WH6vAaT39uyBJp0KWxxKcbzzAuIeqTF8egPuo270zLkM0Z3RhxO4NoS_hd4xobs7jq5x7PRRmpcSsKQUtkM9CyrgL0aVKNgX2-tsb8uJFRNpgn6hDSVahYvxCkFukcdJK_PNF_njfIF0AqqdXFgr7cXkMVynZR-L8B28g0kOHijlMwux36KwBG_gqwcaBe_wAer0B8lP08IrHL1VehbPv91GVCKTUsc5ttUUcrho2V2iItEj0ppZnLdG0D2Z66pLY02cx9i7dYfM9OXAWS_UqttVt1dpcsbVpD7w27Kvdfqz9Le9P9GSGcJOVjLe8Nt1zATGXBUDwf5VfsEWy8c7SvDZztw1qE6VSax_BFaT7UoCn51hEHhbtamRtZNFPhZCFRmiHmmzWV5Glb0FHfo22mAD4_AFH1jxu7QDg6ZR2iW9jSPvD0pZYwo9e8dwWwcthvI_lXYU9q-FrorBHCixmcZIUvdct3-8liZ7VtlroOsi2lZoz2TOg4hBLksRA4eIINt-ZfEe63gH3X3FuaNsOkKZsJqzc2hxwJfPE2wj3SSsURRpDAAtE1GYPaZR5Y-WaX440KqKZy5Z_Ww8lXH735rKMZRYtOUL6oBfcwE7Uadn4dJdaKn8HwAjzgI-krcNmtibUzUVb50OTuu0YFwi0D4F-UHr_Nm5bjXQKVj-GgVFaOSW_Tq5-DuwWPzL6eF6jE7QJ9Rivy4Beec9FaqgKAi4D5NYtb7pSIzajkruM_gCMjQ3Q1lwydxQ5DdmcQLjP6XOvT3Ow4Kb6x5cKIK-9-8O0jVTstFwBd0XLPyaxw0yq_uNocrvtX7XTq-vzLqNfjQY8RIMaL1gr0AyqL-_Q13faxUMcuqrdYH9f67I-QiuCXDinTWJyVE7x1XGLqdU1cGwe-DLTfg4Q_XKGAwiMJ3ilvxINLCYbLjVWu6wz-TibKPz6DDOP9OAgVuU11NfOm69Dhg7gqwJovMFJT4pQGY2M6X6fmXsk8lSalNLY_L2o6JzSJqjp23kU4bRo07__jODVSEX0n6ciHjlAGZlpJSnrU1Q54NrXoH3KWjdbekNABa_262zdsJcoOoDLycIBe2Mhmefw5xxoAd-3PpF_vYRZS3yyl97n3Pvjcrgih6IoTb8S3lnuGyMsha6tp47bhGRuwi91DcBqjMXEoxe4aMZWqz8mx5Cbbu9SZFsb11yrA2quBINvgoB1YCwDPEfLJZgfKRU2Jh4Vw7xb0JHuP45nbuNn-Uo9KM0a4RiwIDoLWSWAamMLg7UnrhtWhnXNMtKFMOTRBz-3xFZJESe4jPI426Zh_dNC1VPCGcVZfzmbnVO065bDvWryeFNHDD_E5pT2UOTn76b_eu3Es-N4H4gVAZWFn6EXG6Gepa__owH4ht1ltKjgUIcIHJqpp6oTb74rjOSTPyFhmCiEzXw1XnjvjMJwwJsm1uj5rARHEz8lQ0UBwYQ9CEsjb-eT85DplEL7GtPQHCagRnEblB4UoNG9XxgrAWZe0kj8cSosqmO-mV1yI21JWnvmic8wqG6gOvVrGfnRKOn6-k6E&cid=CAQSGwCsnQUxsXIEoE_LIG9A5iDMgaeCDmijuqboyBgBIA4&rfl=2%2Chttps%253A%252F%252Ftop4top.io%252F%240
Frame ID: 6758C1930D0EF495908674CC3B12F9CF
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Frame ID: C0333E443DD06D88F0C5DA5DED485035
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D2B772C5FCFDF9114B4C10A810343B2C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C3DC81CFE4BCDD01276BA4BFE7FD46A3
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
Frame ID: 1FE3CB1E85A3621152F716A9535CC3D5
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F62F19E10288A7DD092613CDFEB7E149
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Frame ID: C4EC85A624FD79EFAB82956EC0B6401B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2EC96167BB22BBF642B4FF03A6DEABAD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 62B873D42B09789872D7038D45364395
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Top4toP | مركز تحميل و رفع الصور و الملفات من الخليج إلى المغرب

Page URL History Show full URLs

http://g.top4top.io/ HTTP 301
https://top4top.io/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

147
Requests

96 %
HTTPS

52 %
IPv6

16
Domains

29
Subdomains

26
IPs

8
Countries

1710 kB
Transfer

4205 kB
Size

14
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://download.top4top.io/upload-tool/
Title: حمله الآن

Search URL Search Domain Scan URL

URL: https://twitter.com/top4top_net
Title: تابعونا على تويتر

Search URL Search Domain Scan URL

URL: https://t.me/zSupport
Title: للتواصل الطارئ والسريع

Search URL Search Domain Scan URL

URL: https://twitter.com/top4top.io

Search URL Search Domain Scan URL

URL: https://cutt.us.com/
Title: الربح من اختصار الروابط

Search URL Search Domain Scan URL

URL: https://0i.is/
Title: اختصار الروابط

Search URL Search Domain Scan URL

URL: https://cutt.us/
Title: اختصار الروابط

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://g.top4top.io/ HTTP 301
https://top4top.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://top4top.io/adimg-61?1661407831 HTTP 302
https://b.top4top.vip/p_427vfh7e1.png HTTP 302
https://h.top4top.io/p_427vfh7e1.png

Request Chain 42

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27447305.331398891;dc_trk_aid=523637854;dc_trk_cid=168132659;ord=1098277287;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27447305.331398891;dc_pre=CK3u3b2q4fkCFVnmuwgd7wIAzg;dc_trk_aid=523637854;dc_trk_cid=168132659;ord=1098277287;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 75

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 79

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPeuKmSHZsf7zcWsupTAAQ8&google_cver=1

Request Chain 80

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwcSWbIKft4OWBNdb5QahQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPeuKmSHZsf7zcWsupTAAQ8&google_cver=1

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMJhAnlxArC4piGBh5xNHtg&google_cver=1

Request Chain 82

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyOTgzOTE3NTE2NjI1NzA3Mg%3D%3D

Request Chain 102

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

147 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
top4top.io/
Redirect Chain

http://g.top4top.io/
https://top4top.io/

22 KB
22 KB

155ms
92ms

Document
text/html

188.165.137.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://top4top.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.165.137.170 , France, ASN16276 (OVH, FR),
Reverse DNS: ip170.ip-188-165-137.eu
Software: HotCores /
Resource Hash: 826695ffc80a1429f317d7ede2d831623243c6d30443315fc3d60ef144b54aef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: private, no-cache="set-cookie"
Content-Type: text/html; charset=UTF-8
Date: Thu, 25 Aug 2022 06:10:31 GMT
Expires: 0
I-AM: US03
Pragma: no-cache
Server: HotCores
Transfer-Encoding: chunked

Redirect headers

Connection: close
Content-Length: 162
Content-Type: text/html
Date: Thu, 25 Aug 2022 06:10:31 GMT
Location: https://top4top.io
Server: Hotcores.com

GET
H2 200 reset.css
s.top4top.io/styles/default-new-reg/css/ 675 B
1 KB 79ms
26ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/reset.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09a3259106934713084ea8e90baedf51a931703f888958e019e6ab3b3eb6467d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165350
cf-polished: origSize=1013
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"57e8eb5d-3f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cOt6ywxHXEQIWY%2F%2BFwsKyAbAURtCTKHwjsfDkOeLEpdQ1FvSSQRHd9BtxSCRK7ABLTZ5m1xCLEyAWq6U0vyIhv6nQFuTOKgN96Eqt2Zvz84TH17tlVLhkLLr8ERJjXt7Lel94MaRP2XaH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
cf-ray: 74022a44fa4099d4-CDG
cf-bgj: minify

GET
H2 200 stylesheet-3.3.css
s.top4top.io/styles/default-new-reg/css/ 18 KB
5 KB 81ms
27ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/stylesheet-3.3.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a28649315acaf52dcb3e1e8a0c316dbdee5ef7fc27638ab8c7fa1c4d637f4b5e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11721
cf-polished: origSize=23881
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"5e0bab24-5d49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rqv0xkY9u7ssgmzUgTLCPQ3goFAL7KEcCA3dj04rOM8zn44GRk5bjzPu3u9kTgizWQctgw9i%2BuAIGEp261UtRndi%2Fp8hNrQ6wwFkHgJfhcW1wugmOUD5FxAlLx3K%2FgiZNhq%2FvP6Gs%2BQNc2k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
cf-ray: 74022a44fa4799d4-CDG
cf-bgj: minify

GET
H2 200 bootstrap.rtl.min.css
s.top4top.io/styles/default-new-reg/css/ 111 KB
19 KB 84ms
30ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/bootstrap.rtl.min.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a60f90398750c832d435897bcd263a7b9dac3c581e55dfd5d04020ee1d849350

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165351
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"57e8eb5d-1bae7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2b4k72GEEIwL1CYyeGCop7VLXl4MgvKI02%2BrPY5C1vAH2JTdt2Ygml1NWPdPYAYyTbt89gt2hSa6GYFyd3iJpfR6szCL1HKjZFMFdzJNIz8wH9KC20Hfpt0JGjPJVfUoREKgrdozSotSOpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 74022a44fa4599d4-CDG
expires: Mon, 23 May 2022 14:38:08 GMT

GET
H2 200 font-awesome.min.css
s.top4top.io/styles/default-new-reg/css/ 22 KB
5 KB 83ms
29ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba55961d7ac71561db39cb5be18d75ee12b453a401d3d7561b825664df464aa2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165351
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"5e0bab24-578f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtHD8C6G4pSd%2FOE7vaguR899ePDva5y8pYjAJz4rq1v0L41DBiVNAzuV2fUSzt%2FJSagGRVr%2FxaxHyEeUUVbgxV8vn47OUR4YRLE0poW7ta%2FIm%2FoJHwWWUmQuy5fxcQ3d5zTheYxQDWZa1Xk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 74022a44fa4699d4-CDG
expires: Mon, 23 May 2022 14:38:08 GMT

GET
H2 200 animate.min.css
s.top4top.io/styles/default-new-reg/css/ 52 KB
4 KB 81ms
28ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/animate.min.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48f9a7031474a0f73f92f2e6cbbfad730b5466cda96d86a4459c06efc986173

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165351
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"57e8eb5d-d0b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tu%2FmwADs3nk5ouTmv9VHUJ1VdAFdo4UtqTCncB4LKU7O%2B16wc7p583DZGbwnOua5Jq6QJmroOFszNBhBekiJrzQAxvvxvgzUinr3MLQGaiuHlHJchrpAM2%2BRHYmT5DHrJtwWWZsEkz%2F5Nec%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 74022a44fa4199d4-CDG
expires: Mon, 23 May 2022 14:38:08 GMT

GET
H2 200 fonts.css
s.top4top.io/styles/default-new-reg/css/ 411 B
800 B 90ms
37ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9837b46a37e8117cb24a8819b66ee698f99d0606fbcb8fa19435cac474abcbc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 263281
cf-polished: origSize=487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"5e0bab24-1e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zG8aMZh8emTQgLjuPLnJ7XjOm%2BdnZBQ7mvIL2FtocJpz3MHHXbpLBrPOb2i6lVCOl1m7IJ81KAQguapxe2tLv%2FDrN3IuTFXV%2FFGbF%2BHiuFPKGvztE11TC%2BE7hQ9OEreQsA7S1n3OJRFELqo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
cf-ray: 74022a44fa4499d4-CDG
cf-bgj: minify

GET
H2 200 the220px.css
s.top4top.io/styles/default-new-reg/css/ 9 KB
3 KB 90ms
37ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a28953ed5afed86c341b5b201d5ba93abd34ede7fcf2f21e8dc0e1be6c54cfc6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165350
cf-polished: origSize=11662
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 16 Mar 2017 23:54:29 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"58cb25b5-2d8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTr3cPMAGez4UmFLRofmb8M6mB2RGWjQyLmyi0kV2rJrcKTuEEd0v4TNtTvDnvUQTwtdGz8VBl2yddump5%2BJdo7gZ%2Bt8NaTV6lUGQCYOKtoNhRTHFX258RCLfFdr%2BXUUpjUWTLgk8F15o9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
cf-ray: 74022a44fa4899d4-CDG
cf-bgj: minify

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 88ms
30ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 18:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 18:24:48 GMT

GET
H2 200 bootstrap.min.js Show response
s.top4top.io/styles/default-new-reg/js/ 34 KB
10 KB 93ms
40ms Script
application/javascript 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/js/bootstrap.min.js?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 484081bfe6c76d77610eb71a6e71206fe5304d62c037f058b403592192069306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165351
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"57e8eb5d-875d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zB7wCF%2FuUr3JXvupO3mqHQ1LsZzSPkWPWv5%2Bte1SUSoyruyf8yZrTTbX5DXJpoAbGmbg1sacXbsqKZjSJCRf051pK4wYxG3lf8r8MmYZpqiagD1%2BYd7uSrlXmeahR7qodcz49b6jY5DJgk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 74022a451a6299d4-CDG
expires: Mon, 23 May 2022 14:38:08 GMT

GET
H2 200 the220px.js Show response
s.top4top.io/styles/default-new-reg/js/ 474 B
496 B 84ms
31ms Script
application/javascript 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/js/the220px.js?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfa7cfcb56c0960950a50a392063f2463d216ee2b83de0aa011893816e76962c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 263280
cf-polished: origSize=562
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"57e8eb5d-232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFOAsSs1tCBnJPRE1rp5c2S049PUKCb3BnCEZtxv%2BhuOtJBLjxiW2dRyhAyprhIjNWzUAgAUkBPLojdDA%2FZN%2B5TQqEsO6fWBtuN%2FihuL8UvRBA%2BBbltJQTJIMNjgl45h4ybqsbEzc7XgBMg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
cf-ray: 74022a44fa4999d4-CDG
cf-bgj: minify

GET
H2 200 javascript.js Show response
s.top4top.io/styles/default-new-reg/ 6 KB
2 KB 96ms
43ms Script
application/javascript 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/javascript.js?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 937f0bf91c33631f746a0465609e009b41d9d8dcdea2e370360666a1729a3fa3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165350
cf-polished: origSize=16039
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"57e8eb5d-3ea7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NN%2F%2BkRzgbbXzis15PzC7mVvRKoCyeykczuZRzim7qjPaki%2BkjMYYJJ%2B0epaeGgrHHXDVfO%2BzuFxVYpJohL2gjXFFZqaYnA99G11aHIBH6luzSy2%2B9Fk6dit1Rgssrz%2FbK4YFo7wPQDyPgzg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
cf-ray: 74022a451a6499d4-CDG
cf-bgj: minify

GET
H3 200 newlogo.png
s.top4top.io/styles/default-new-reg/images/ 19 KB
19 KB 28ms
27ms Image
image/png 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.top4top.io/styles/default-new-reg/images/newlogo.png
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1605b05d92b623c44661321917bca32d530ae52b3158319ce922dacd4c6f257d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165537
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19068
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: "57e8eb5d-4a7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgwgZuuDIbB23njIV%2BIvceXLOXO3IcF0npLGriMgSxUJauTnaGdOLxnjFWQU1%2BjtxVGsSYN8yr04%2BZOLZcJKKYNol9pN867Ek4DdGwfdE2ktCU0%2FVl6Tyw25bXYThscWuGEc3vEXC0COhGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 74022a457e6bd6a2-CDG
expires: Mon, 23 May 2022 14:38:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
57 KB 125ms
66ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72602515fcf2f06ed78912551bb9897107c7032b214697de04cdb6dbaa1ab90d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57534
x-xss-protection: 0
server: cafe
etag: 2144225401297578296
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 06:10:32 GMT

GET
H3 200 loading.gif
s.top4top.io/styles/default-new-reg/images/ 32 KB
32 KB 34ms
33ms Image
image/gif 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.top4top.io/styles/default-new-reg/images/loading.gif
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7ea71a09f4ef6432bfac9f46c14133f6ffee7db66ef69efccfa97cbbedcebfb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 164675
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32533
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: "57e8eb5d-7f15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8sxgYHjoRsyShlV%2F7cvQQvAa770BrRQtfHXj%2FosaEePWcnUQv4WgJTZ8vzSFKIWqs%2FjbzI1kIo0y3fkI26uilIUWXcVhR5dI7KmAN4xdmVurzgxgk4CXPvMNm8nUFqHomFpeD%2BDSSFLMsE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 74022a458e89d6a2-CDG
expires: Mon, 23 May 2022 14:41:01 GMT

GET
H/1.1 200
OK adpull.php Show response
top4top.io/ads/ 337 B
489 B 80ms
79ms Script
text/javascript 188.165.137.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://top4top.io/ads/adpull.php?n=1&w=300&h=250&call=js&t=banner&divid=7787112109
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.165.137.170 , France, ASN16276 (OVH, FR),
Reverse DNS: ip170.ip-188-165-137.eu
Software: HotCores /
Resource Hash: 026ca1872e0c65e86a15953bbc8e7acfda971c1aab563d4da90e2e95a386d1a7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 06:10:31 GMT
I-AM: US01
Server: HotCores
Content-Length: 337
Content-Type: text/javascript;Charset=UTF-8

GET
H3 200 soft.png
s.top4top.io/styles/default-new-reg/images/ 40 KB
41 KB 52ms
51ms Image
image/png 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.top4top.io/styles/default-new-reg/images/soft.png
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58b2b600aacfdda258a4b7ced90c85143e109480e78529c31358c412caab09d9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165537
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41248
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: "57e8eb5d-a120"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNjzOCv5cbjWkkwN8qjibaqT3PgRXFE9p%2FtSNZCPh%2BW0vYfecffL%2FwpdGXUcduLAGBabpPCHrgEwyQNelCPlW9qkNqQzgE2ialZonbHmzPiB3hxUJ%2Bnb%2Bhi05zhdWycxEE4ucZpgLGfVtGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 74022a458e8ad6a2-CDG
expires: Mon, 23 May 2022 14:38:08 GMT

GET
H2 200 fonts.css
s.top4top.io/styles/default-new-reg/css/ 411 B
493 B 27ms
25ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/fonts.css
Requested by: Host: s.top4top.io
URL: https://s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9837b46a37e8117cb24a8819b66ee698f99d0606fbcb8fa19435cac474abcbc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 259844
cf-polished: origSize=487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"5e0bab24-1e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSr53gVzJa%2BxYWJbQ09dI2zTXxoivaUh59%2FYYwwS41z7L0A70nSdFA8q1iyI5VBEMzF0DHqXlrExK76S7U876OTsSw0KSfAZMdUHReIPAHchmKlMVQrVpCh8uxCqRh1bSOL6fz52vAa2MK0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
cf-ray: 74022a454a9f99d4-CDG
cf-bgj: minify

GET
H3 200 NeoSansArabic.woff
s.top4top.io/styles/default-new-reg/fonts/ 115 KB
116 KB 71ms
49ms Font
font/woff 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/fonts/NeoSansArabic.woff
Requested by: Host: s.top4top.io
URL: https://s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 788559c056a4f64455d4208befee3e58bd6f5d4a92fdb4af84f0fdd23cc32278

Request headers

Referer: https://s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47
Origin: https://top4top.io
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165585
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 117704
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: "57e8eb5d-1cbc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7qZxLv%2BDycRg7dS7d8fX7eSfqb%2FHXWib1K0Ph6VbJH3xM3FaYP3gQnEVr%2BV6Rr56q1VY3LTmYL8sc7JE5nCgnly1Sh7C4lDVyMcYmCbLm4503tA4humb6EjVB%2Fin2FLgVZWqjByLfj3uGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 74022a45bf67d626-CDG
expires: Mon, 23 May 2022 14:38:08 GMT

GET
H3 200 fontawesome-webfont.woff
s.top4top.io/styles/default-new-reg/fonts/ 64 KB
65 KB 36ms
28ms Font
font/woff 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: s.top4top.io
URL: https://s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47
Origin: https://top4top.io
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165585
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65452
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: "57e8eb5d-ffac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFyXLU5O%2B33LhoJVdxORtWzWI2JX%2BL6EsDse7hCNQMtYvrvZe39Xd6uAJHfAaHHm8qsHiRwrYbVK79uZ5HFMEYcMa%2FITmr6xnxfYVDGn9ZZhtcjcPl3g7OuqIXJZ8GAdA5SlUle5rTLfcWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 74022a45bf64d626-CDG
expires: Mon, 23 May 2022 14:38:06 GMT

GET
H2

200

p_427vfh7e1.png
h.top4top.io/
Redirect Chain

https://top4top.io/adimg-61?1661407831
https://b.top4top.vip/p_427vfh7e1.png
https://h.top4top.io/p_427vfh7e1.png

42 KB
43 KB

183ms
83ms

Image
image/png

65.21.235.194
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.top4top.io/p_427vfh7e1.png
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Server: 65.21.235.194 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.194.235.21.65.clients.your-server.de
Software: nginx /
Resource Hash: 4f6528919bb0f9ba4d23d37761fd4fd18561cfdaac54afe7f852dc9612960d7a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-file-id: x16233079x
date: Thu, 25 Aug 2022 06:10:32 GMT
last-modified: Fri, 03 Mar 2017 15:22:29 GMT
server: nginx
etag: "58b98a35-a905"
content-type: image/png
cache-control: max-age=7200
content-disposition: inline; filename="427vfh7e1.png"
accept-ranges: bytes
content-length: 43269
expires: Thu, 25 Aug 2022 08:10:32 GMT

Redirect headers

location: https://h.top4top.io/p_427vfh7e1.png
date: Thu, 25 Aug 2022 06:10:32 GMT
server: nginx
content-length: 58
vary: Accept
content-type: text/plain; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 85ms
25ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4112
date: Thu, 25 Aug 2022 05:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 25 Aug 2022 07:02:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 87ms
31ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1503419825&t=pageview&_s=1&dl=https%3A%2F%2Ftop4top.io%2F&ul=en-us&de=UTF-8&dt=Top4toP%20%7C%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D9%88%20%D8%B1%D9%81%D8%B9%20%D8%A7%D9%84%D8%B5%D9%88%D8%B1%20%D9%88%20%D8%A7%D9%84%D9%85%D9%84%D9%81%D8%A7%D8%AA%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AE%D9%84%D9%8A%D8%AC%20%D8%A5%D9%84%D9%89%20%D8%A7%D9%84%D9%85%D8%BA%D8%B1%D8%A8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=742784774&gjid=1845289775&cid=2003086748.1661407832&tid=UA-9340508-1&_gid=1985843391.1661407832&_r=1&_slc=1&z=1526225661

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://top4top.io/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:10:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://top4top.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/ 341 KB
120 KB 103ms
52ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7974902520762023&plah=top4top.io&bust=31069049

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dec7cf652472bdbb3275668c74fc7666c8ec10ba4779912e7ef2d11e98ae6411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122736
x-xss-protection: 0
server: cafe
etag: 14168782658790095117
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 06:10:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/ Frame D10C 10 KB
5 KB 84ms
25ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 82788
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 07:10:44 GMT
etag: 8616628553774171045
expires: Wed, 07 Sep 2022 07:10:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
644 B 93ms
34ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=top4top.io&callback=_gfp_s_&client=ca-pub-7974902520762023

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7974902520762023&plah=top4top.io&bust=31069049

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f26f40e6c8b1bab68fc1d499eae5ad1c1412723db1b757b44185c1c990d2dd85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 121ms
36ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=top4top.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 06:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 104ms
33ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=top4top.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 06:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 785F 169 KB
48 KB 384ms
332ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&adk=1812271804&adf=3025194257&lmt=1661407832&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftop4top.io%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661407832135&bpp=4&bdt=364&idt=173&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3569785208088&frm=20&pv=2&ga_vid=2003086748.1661407832&ga_sid=1661407832&ga_hid=1503419825&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531513%2C31069049%2C31067826&oid=2&pvsid=3385358624880952&tmod=1234298465&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=192

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a996f05810207146366430fbab7ef95d930eb60ade5c8377849ddccbb2ddb33e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 48665
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 06:10:32 GMT
expires: Thu, 25 Aug 2022 06:10:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 11D9 88 KB
31 KB 410ms
366ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=9265664435&adk=1798011881&adf=3330382181&pi=t.ma~as.9265664435&w=1140&fwrn=4&fwrnh=100&lmt=1661407832&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661407832139&bpp=2&bdt=369&idt=191&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569785208088&frm=20&pv=1&ga_vid=2003086748.1661407832&ga_sid=1661407832&ga_hid=1503419825&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531513%2C31069049%2C31067826&oid=2&pvsid=3385358624880952&tmod=1234298465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7OZ6pbwsUm&p=https%3A//top4top.io&dtd=194

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d357cd0da000b256a372e491167bd2e97eabfbf004cd71e920091b9f3476bd00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31916
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 06:10:32 GMT
expires: Thu, 25 Aug 2022 06:10:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7E7C 142 KB
46 KB 525ms
487ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=2740616398&adk=1148954392&adf=2723329071&pi=t.ma~as.2740616398&w=1200&fwrn=4&fwrnh=100&lmt=1661407832&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661407832141&bpp=1&bdt=371&idt=197&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=3569785208088&frm=20&pv=1&ga_vid=2003086748.1661407832&ga_sid=1661407832&ga_hid=1503419825&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531513%2C31069049%2C31067826&oid=2&pvsid=3385358624880952&tmod=1234298465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=zVEvEhmoQc&p=https%3A//top4top.io&dtd=200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e887f4d2abab3726430e13ddb5e8146061981ea0dfdd722818e8002cbd57368

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4629642090448662295/banner/970x250_FR01/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4629642090448662295/banner/970x250_FR01/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKWFt72q4fkCFYiFmgodk_oAVg&gqi=WBIHY9qwGIOR7_UPqZeWmAg&layout=/sadbundle/%24csp%253Der3%24/4629642090448662295/banner/970x250_FR01/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 47003
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4629642090448662295/banner/970x250_FR01/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4629642090448662295/banner/970x250_FR01/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKWFt72q4fkCFYiFmgodk_oAVg&gqi=WBIHY9qwGIOR7_UPqZeWmAg&layout=/sadbundle/%24csp%253Der3%24/4629642090448662295/banner/970x250_FR01/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 06:10:32 GMT
expires: Thu, 25 Aug 2022 06:10:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 11ba241b9597ec96a8a9e01db4cce1e1.js Show response
www.gstatic.com/mysidia/ Frame 11D9 10 KB
5 KB 94ms
26ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/11ba241b9597ec96a8a9e01db4cce1e1.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=9265664435&adk=1798011881&adf=3330382181&pi=t.ma~as.9265664435&w=1140&fwrn=4&fwrnh=100&lmt=1661407832&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661407832139&bpp=2&bdt=369&idt=191&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569785208088&frm=20&pv=1&ga_vid=2003086748.1661407832&ga_sid=1661407832&ga_hid=1503419825&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531513%2C31069049%2C31067826&oid=2&pvsid=3385358624880952&tmod=1234298465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7OZ6pbwsUm&p=https%3A//top4top.io&dtd=194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 03:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4562
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 03:40:59 GMT

GET
H2 200 e2875713480840d8712332133311d4ea.js Show response
www.gstatic.com/mysidia/ Frame 11D9 19 KB
8 KB 95ms
27ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e2875713480840d8712332133311d4ea.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d124788e480924e0a0917ef210d06075bd5166a9f9cc75f2937a98a4a497199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 03:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7767
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 03:37:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 11D9 8 KB
1 KB 97ms
34ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 04:17:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Aug 2022 06:10:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Aug 2022 06:10:32 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 11D9 2 KB
902 B 92ms
29ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 06:10:15 GMT

GET
H2 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame 11D9 6 KB
2 KB 101ms
33ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 22:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 18 Nov 2022 16:51:24 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 11D9 23 KB
10 KB 93ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 06:04:14 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 11D9 3 KB
1 KB 91ms
28ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 05:49:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 11D9 140 KB
44 KB 98ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 06:10:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 11D9 17 KB
8 KB 96ms
29ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 06:06:43 GMT

GET
H3 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame 11D9 33 KB
13 KB 85ms
24ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 22:39:22 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 7E7C 67 B
196 B 143ms
78ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=2740616398&adk=1148954392&adf=2723329071&pi=t.ma~as.2740616398&w=1200&fwrn=4&fwrnh=100&lmt=1661407832&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661407832141&bpp=1&bdt=371&idt=197&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=3569785208088&frm=20&pv=1&ga_vid=2003086748.1661407832&ga_sid=1661407832&ga_hid=1503419825&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531513%2C31069049%2C31067826&oid=2&pvsid=3385358624880952&tmod=1234298465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=zVEvEhmoQc&p=https%3A//top4top.io&dtd=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 09:25:27 GMT
x-content-type-options: nosniff
server: cafe
age: 74705
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 2462972746714251406
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Thu, 25 Aug 2022 09:25:27 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4629642090448662295/banner/970x250_FR01/ Frame E28B 2 KB
2 KB 99ms
70ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4629642090448662295/banner/970x250_FR01/index.html

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c89264163143a26eedae167f96d49193376d8486f19e17a31f48be367a8b5ad

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 80604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 881
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 07:47:08 GMT
expires: Thu, 24 Aug 2023 07:47:08 GMT
last-modified: Wed, 16 Mar 2022 12:19:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3

200

B27447305.331398891;dc_pre=CK3u3b2q4fkCFVnmuwgd7wIAzg;dc_trk_aid=523637854;dc_trk_cid=168132659;ord=1098277287;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame D0DF
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27447305.331398891;dc_trk_aid=523637854;dc_trk_cid=168132659;ord=1098277287;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27447305.331398891;dc_pre=CK3u3b2q4fkCFVnmuwgd7wIAzg;dc_trk_aid=523637854;dc_trk_cid=168132659;ord=1098277287;dc_lat=;dc_rdid=;tag...

42 B
65 B

106ms
53ms

Fetch
image/gif

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27447305.331398891;dc_pre=CK3u3b2q4fkCFVnmuwgd7wIAzg;dc_trk_aid=523637854;dc_trk_cid=168132659;ord=1098277287;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Protocol

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 25 Aug 2022 06:10:33 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27447305.331398891;dc_pre=CK3u3b2q4fkCFVnmuwgd7wIAzg;dc_trk_aid=523637854;dc_trk_cid=168132659;ord=1098277287;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D0DF 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsPaOWBIHY6X5GYiL6gST9YOwBc6P5Zhri9WX79AP-J7Xx6E1EAEgjoyCeWD7AaAB9Li_xQPIAQmoAwHIA0iqBMEBT9AGWmAFKlguwUjgiFbjh2qvX61vPFdxSLzeh44WppHMo7yDwvLLRLFhzf1stpTQ_k4ziCf57v7lOl1Jck90P2XnSHLljavsr1HZxy6x8sP3Qzhe4r1VdAsSNL3PCUOKVuL0laGDIFyptZnhDKM9UcjcPaYvSkquykPfW-j38UF10ok2tO0UzYsmESVp08eTStoh9BBqfH3PV6qDnQkTg6-o-cuMyFWwxZkZsYAcPyoSgFlXT7vZGYW4DT9zsfGh2cAE0Or10owEkgUECAQYAZIFBAgFGASgBi6AB5DSw6UBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5LEB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNzk3NDkwMjUyMDc2MjAyMxgA&sigh=EUNXhHMXxGs&uach_m=[UACH]&template_id=419

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=2740616398&adk=1148954392&adf=2723329071&pi=t.ma~as.2740616398&w=1200&fwrn=4&fwrnh=100&lmt=1661407832&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661407832141&bpp=1&bdt=371&idt=197&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=3569785208088&frm=20&pv=1&ga_vid=2003086748.1661407832&ga_sid=1661407832&ga_hid=1503419825&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531513%2C31069049%2C31067826&oid=2&pvsid=3385358624880952&tmod=1234298465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=zVEvEhmoQc&p=https%3A//top4top.io&dtd=200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 25 Aug 2022 06:10:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 25 Aug 2022 06:10:33 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame D0DF 23 KB
10 KB 63ms
36ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 06:04:14 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame D0DF 3 KB
1 KB 95ms
68ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 06:06:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D0DF 140 KB
43 KB 109ms
92ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 06:10:33 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame D0DF 17 KB
7 KB 78ms
52ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 06:06:43 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/ 150 KB
53 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/reactive_library_fy2021.js?bust=31069049

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

783a406e52dbb749601faa0466e33b38e2a4b5643549310536b1640ace9fae96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54615
x-xss-protection: 0
server: cafe
etag: 11547721905863150841
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 06:10:32 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9089661642383558194/ Frame 11D9 26 KB
26 KB 91ms
29ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9089661642383558194/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d372b5a18696314dcea58d4dd8b4a44a2a1d5513e8a59b387f6ed838c90db058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 23:09:50 GMT
x-content-type-options: nosniff
age: 25243
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26281
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 12:49:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Aug 2023 23:09:50 GMT

GET
DATA 200
OK truncated
/ Frame 11D9 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 11D9 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 11D9 0
0 72ms
70ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqAmDWBIHY6qKGsmO6wT9sbmQC_j_nvNr7Y-l28EP6ILogZwOEAEgjoyCeWD7AaABou-utCjIAQmpAjQ8A9h2v7A-qAMByAPLBKoEuAFP0AJ4uwdrRTbQEDs9UTGRlCUN4XwyiY_BTTugg4tX88Tljze7CTyccuekWBKZq0gBL0tv-Rqy5yntnWPmictMV8sO-xtAIugTe7DCaXRs-j9xfldPK4ygINK60BwWO1vq2OyWtDEcrKFcfJG3DyDisBFG18H8SRLIuMT_Xub2YOuqp_980onGeZ34VxVIewdFchvDaN5qZOQNdKHetc72jXyy_jpkE7X0xrG2czdYo_UyVX7K-fX_wASPnfKn7QOSBQQIBBgBkgUECAUYBKAGLoAHoqf_kwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCnywTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUBdAVAYAXAbIXHAoaCAASFHB1Yi03OTc0OTAyNTIwNzYyMDIzGAA&sigh=YQAX9wUfz4s&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=9265664435&adk=1798011881&adf=3330382181&pi=t.ma~as.9265664435&w=1140&fwrn=4&fwrnh=100&lmt=1661407832&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661407832139&bpp=2&bdt=369&idt=191&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3569785208088&frm=20&pv=1&ga_vid=2003086748.1661407832&ga_sid=1661407832&ga_hid=1503419825&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531513%2C31069049%2C31067826&oid=2&pvsid=3385358624880952&tmod=1234298465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7OZ6pbwsUm&p=https%3A//top4top.io&dtd=194
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 25 Aug 2022 06:10:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 56F7 143 B
163 B 26ms
24ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=2740616398&adk=1148954392&adf=2723329071&pi=t.ma~as.2740616398&w=1200&fwrn=4&fwrnh=100&lmt=1661407832&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661407832141&bpp=1&bdt=371&idt=197&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=3569785208088&frm=20&pv=1&ga_vid=2003086748.1661407832&ga_sid=1661407832&ga_hid=1503419825&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531513%2C31069049%2C31067826&oid=2&pvsid=3385358624880952&tmod=1234298465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=zVEvEhmoQc&p=https%3A//top4top.io&dtd=200
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 05:39:17 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 90ms
34ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=top4top.io

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 06:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 90ms
34ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=top4top.io

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 06:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/ Frame BCB7 10 KB
4 KB 29ms
29ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 33446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 20:53:07 GMT
etag: 8616628553774171045
expires: Wed, 07 Sep 2022 20:53:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/ Frame 7060 10 KB
4 KB 27ms
26ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 33446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 20:53:07 GMT
etag: 8616628553774171045
expires: Wed, 07 Sep 2022 20:53:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E28B 9 KB
3 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4629642090448662295/banner/970x250_FR01/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 09:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 25 Aug 2022 09:41:38 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E28B 26 KB
10 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4629642090448662295/banner/970x250_FR01/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 26 Aug 2022 04:14:04 GMT

GET
H3 200 lottie_light.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4629642090448662295/banner/970x250_FR01/ Frame E28B 179 KB
48 KB 33ms
31ms Script
application/x-javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4629642090448662295/banner/970x250_FR01/lottie_light.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4629642090448662295/banner/970x250_FR01/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d386d1935249c8bb044bbbb3bef0d855a2260709f4a956048ba92922e39d1682

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 534207
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49382
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 12:19:45 GMT
server: sffe
date: Fri, 19 Aug 2022 01:47:06 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Aug 2023 01:47:06 GMT

GET
DATA 200
OK truncated
/ Frame D0DF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23237f4245711e590fc29895de86150222b5e3577453d73a72acf7e210b24e00

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 11D9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49f08855476510fea5063c3c3a6e039a951b34e2040d05f8647d98b15c8fe7d6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css2
fonts.googleapis.com/ Frame BCB7 4 KB
636 B 90ms
34ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 04:11:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Aug 2022 06:10:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Aug 2022 06:10:33 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BCB7 205 B
229 B 25ms
24ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 03:13:07 GMT
x-content-type-options: nosniff
age: 10646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 25 Aug 2023 03:13:07 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BCB7 604 B
628 B 27ms
27ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 01:11:37 GMT
x-content-type-options: nosniff
age: 17936
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 25 Aug 2023 01:11:37 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame BCB7 19 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 633
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8368
x-xss-protection: 0
server: cafe
etag: 5162546928090487746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 06:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2D6D 624 B
297 B 39ms
39ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCX9ucBGKXJqc4BMAE&v=APEucNXG0ZxtsUsTjJK8_UampRQsiLmbdpF811hv6uYKRoaHNb18LvIDCKrYQZWF9Oz688_My3enk2EC4uS3oVepjftKTNg3ZYgnwP31Y4fy2Nf-ee6qkUJWeIJy9gcr2lfyWkoiCUcQr9rDO-sYvmLbUY3I7VGQoSw5-FImhb878hZkJZfE5bw

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 06:10:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6758 81 KB
33 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKJCOgyqvcfQ8lUQhbznhMbCOk9o8p-_ETlMbGDw-IpIy3bHcyvDUizyBuBXsPZ1CWuY4MBaRKjnYCNv6ng5nSNXuyc-wZRZ7FOn_QF86OsLmBx1ziy50n0ZFYqUMeg3tJkiVAtrIG75iMCeSLT_orhwu66A&dbm_d=AKAmf-Dm3tkLvSvIuRbxoK5my_vgRAEkOK7GgzfQLwPqxGzT4MYMrzn-kjASPe_-fg8d-lWmsINFaLxMuZ0hyNiaL5feIr1KAehm1HeyQVA-9cAwJRWV2it6PRkhbvEutDzTsznKo1-CCbXin9bmnVg-CntFlx5GrWb7l-fn_cOE9KnG2v21bPQ6g-sYAvhlgeG3qiWU7bAGCLJPlK64Kgf0WJQ2K2fzK7KFwH4ngjEWyR4vZOL0bnGOGwLPjHuuunx_qJ8n0DD_RcmJBKbqWL63Ol1eqyq4wHajdla39IPA6SmjlZV9ozmkc0d-VyulwZKiKe8uLpgltPBy3Ts9bvzyZETBYwLGFJaoa7P75EndON2lnL6jN2rKlnrevmu5FDSppbAjHgZ_fuLMrsM2g42xZYBt9bjItpyi__k1-Ehc6x-Mqo2PRW1bTijmp08fOILzYPS08q8Z8e1fKP1sbUVj8VFGW1ivE96ufffVWkHbbup2u3Sa3nGyF_Lqrrl5YW5bx7BdWhtOT3KVTavZmd8e7kVG2IvOwzwD9YWBVllk8sFSVpmmgkP51AsGtiEGVaVyGvF5A_C1slcS9LwKa-ji1IoE3Qd4M2CIFrcN_G_cEUAR7PPdgyWtr5CowSDZWd_QKEae1w-rpo7N6SboRjvNYp3r77Oqxy8TDKNHUiC5qudqcS52qtVMTnnloeAA_VKM4aqSI4Ogs0JR66hcI_EFFntT21jLXC2pzbJJQ1-ALZBeZRSYnnI7dCgWxAdzo3qtR483SVG_RF5pUnNmv5puokuoGoIUfMhuyzU0y-l5L_9s198XN46RJstn6cB1C7gpe4gcgQAKZOPo2zctlle8ZXT5HFJ8xEj4SHUwul1-oZgsVIUltvOFGiVwzsPWwwCvaBSM9KLI6jmVWDd75qK0o5QSXgPDAyWZubICigVwgdSiTyfp-GnwPyRKTfVAmU3vTB2HmxgbgpjEvFMR0-2S8YUhZvuMq_e_3hsDi3PH2HyKKw14x-_iFxB8U_GB_Mz7I0xqgMZH1Qho_8BFKvEofGEbORJZYlcXDGz8nChDuF0r8Va5mrcOCOOgrJGfVxuRBp__BeE1vOfqCe102F8TrOGlB6LzmjnXqFMBS2kpU8JVFaD0sdljjQHwfk3tRvx42RZWPmCVyElAVB9-ekfZTuGbENmFST4isdUc8AapcOJn2mP7DNDejvS1KkbW-nEugO408DDBSC6B3WmUqP6KRDKf7yoxHwYZrzbwUic3PIT6Zk72MATHZx6EqdBv9iulHcD8eUar6-f5lYfTIS_KaSEORC_fjh0EdZCf3qUh6n1eF6jCcbW8fKu8RWCv7AEBTSNYE4GMSSGTD6eIcZVuuWzaRbGui_uf-k2t3Ut-l6oLBGnTihvTpgX5TR4GbqBi5UViyeFMWDGY34PmJaoD4HoRwYCYsJHNjDW9EA15kEnL3Nc_HpfVmLT2Ce9Jsebf3WsNi8WEDqgFbqzGF6y2MSwqoavJXoPLy-WH6vAaT39uyBJp0KWxxKcbzzAuIeqTF8egPuo270zLkM0Z3RhxO4NoS_hd4xobs7jq5x7PRRmpcSsKQUtkM9CyrgL0aVKNgX2-tsb8uJFRNpgn6hDSVahYvxCkFukcdJK_PNF_njfIF0AqqdXFgr7cXkMVynZR-L8B28g0kOHijlMwux36KwBG_gqwcaBe_wAer0B8lP08IrHL1VehbPv91GVCKTUsc5ttUUcrho2V2iItEj0ppZnLdG0D2Z66pLY02cx9i7dYfM9OXAWS_UqttVt1dpcsbVpD7w27Kvdfqz9Le9P9GSGcJOVjLe8Nt1zATGXBUDwf5VfsEWy8c7SvDZztw1qE6VSax_BFaT7UoCn51hEHhbtamRtZNFPhZCFRmiHmmzWV5Glb0FHfo22mAD4_AFH1jxu7QDg6ZR2iW9jSPvD0pZYwo9e8dwWwcthvI_lXYU9q-FrorBHCixmcZIUvdct3-8liZ7VtlroOsi2lZoz2TOg4hBLksRA4eIINt-ZfEe63gH3X3FuaNsOkKZsJqzc2hxwJfPE2wj3SSsURRpDAAtE1GYPaZR5Y-WaX440KqKZy5Z_Ww8lXH735rKMZRYtOUL6oBfcwE7Uadn4dJdaKn8HwAjzgI-krcNmtibUzUVb50OTuu0YFwi0D4F-UHr_Nm5bjXQKVj-GgVFaOSW_Tq5-DuwWPzL6eF6jE7QJ9Rivy4Beec9FaqgKAi4D5NYtb7pSIzajkruM_gCMjQ3Q1lwydxQ5DdmcQLjP6XOvT3Ow4Kb6x5cKIK-9-8O0jVTstFwBd0XLPyaxw0yq_uNocrvtX7XTq-vzLqNfjQY8RIMaL1gr0AyqL-_Q13faxUMcuqrdYH9f67I-QiuCXDinTWJyVE7x1XGLqdU1cGwe-DLTfg4Q_XKGAwiMJ3ilvxINLCYbLjVWu6wz-TibKPz6DDOP9OAgVuU11NfOm69Dhg7gqwJovMFJT4pQGY2M6X6fmXsk8lSalNLY_L2o6JzSJqjp23kU4bRo07__jODVSEX0n6ciHjlAGZlpJSnrU1Q54NrXoH3KWjdbekNABa_262zdsJcoOoDLycIBe2Mhmefw5xxoAd-3PpF_vYRZS3yyl97n3Pvjcrgih6IoTb8S3lnuGyMsha6tp47bhGRuwi91DcBqjMXEoxe4aMZWqz8mx5Cbbu9SZFsb11yrA2quBINvgoB1YCwDPEfLJZgfKRU2Jh4Vw7xb0JHuP45nbuNn-Uo9KM0a4RiwIDoLWSWAamMLg7UnrhtWhnXNMtKFMOTRBz-3xFZJESe4jPI426Zh_dNC1VPCGcVZfzmbnVO065bDvWryeFNHDD_E5pT2UOTn76b_eu3Es-N4H4gVAZWFn6EXG6Gepa__owH4ht1ltKjgUIcIHJqpp6oTb74rjOSTPyFhmCiEzXw1XnjvjMJwwJsm1uj5rARHEz8lQ0UBwYQ9CEsjb-eT85DplEL7GtPQHCagRnEblB4UoNG9XxgrAWZe0kj8cSosqmO-mV1yI21JWnvmic8wqG6gOvVrGfnRKOn6-k6E&cid=CAQSGwCsnQUxsXIEoE_LIG9A5iDMgaeCDmijuqboyBgBIA4&rfl=2%2Chttps%253A%252F%252Ftop4top.io%252F%240

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95842c4f6cb21ac6f06eca313cffe415b6a6f999f3c9d8152b7abc2b1d86b406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34263
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 6758 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 05:49:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6758 140 KB
43 KB 85ms
33ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 06:10:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 6758 17 KB
7 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 06:01:43 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6758 42 B
63 B 59ms
58ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Db2wdJ1gNRNPWyeX_6zcq6isQUSCYJz8kGhXdxg11JLOpIZcSiZ3HVT_ASe7BB9SjK7Wp-VTH0jXkg-IQKZzKRfvd7i6PjGLifLh3UnJulIm15st8

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 11D9 28 KB
28 KB 88ms
23ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 34419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:36:54 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6758 0
20 B 58ms
58ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=75&version=r20220822&sample=0.01

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 56F7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
42ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 06:10:33 GMT
expires: Thu, 25 Aug 2022 06:10:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 06:10:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame C033 36 KB
14 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 04:34:26 GMT

GET
H3 200 970x250_FR01.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4629642090448662295/banner/970x250_FR01/ Frame E28B 169 KB
18 KB 81ms
26ms XHR
application/json 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4629642090448662295/banner/970x250_FR01/970x250_FR01.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4629642090448662295/banner/970x250_FR01/lottie_light.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb44773fc6fae1721f11dc86369efa56c8e1bc2a965193db84e1ab4c14c3d657

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 80601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18719
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 12:19:45 GMT
server: sffe
date: Wed, 24 Aug 2022 07:47:12 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Aug 2023 07:47:12 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 11D9 0
20 B 60ms
59ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDMKDRArIQAAAAAAABhAMAQKDRADIQAAAMzMuIVAMAQKDRAKIQAAAIBm5jNAMAQKDRANIQAAAAAAAAAAMAQKDhAeKggxMTQweDI4MDAECg4QGSoIMTE0MHgyODAwBAoNEA4hAAAAAAAAAAAwBAoNEAQhAAAAZmZehkAwBAoNEA8hAAAAAAAAAAAwBAoNECshAAAAAAAAPEAwBAoNEAUhAAAAAABghkAwBAoNEBAhAAAAAAB230AwBAoNEBEhAAAAAMBy0UAwBAoNEBIhAAAAAAAAFEAwBAoNEBMhAAAAAAAACEAwBAoNEBchAAAANDPfiUAwBAoNEBQhAAAAAGDN50AwBAoNEBUhAAAAAAAAKEAwBAoNEBYhAAAAAAAAFEAwBAoNEBghAAAAmplti0AwBAoNEDIhAAAAAKCZ2T8wBAoNEDMhAAAAAJqZBUAwBAoNEDQhAAAAAJqZBUAwBAoNEDUhAAAAAJqZBUAwBAoNEDYhAAAAoJkZR0AwBAoNEDchAAAAAJqZBUAwBAoNEDghAAAAQDMzR0AwBAoNEDkhAAAAAADQeUAwBAoNEDohAAAAaGZuekAwBAoNEDshAAAANDPbiUAwBAoNEDwhAAAANDPbiUAwBAoNED0hAAAANDPfiUAwBAoNED4hAAAAAAAYi0AwBAoNED8hAAAAAAAYi0AwBAoNEEAhAAAAzMyAi0AwBBIaQ0txV3Q3MnE0ZmtDRlVuSG1nb2RfVmdPc2ciCXRleHQvcnl1aygV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e2875713480840d8712332133311d4ea.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2D6D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPeuKmSHZsf7zcWsupTAAQ8&google_cver=1

43 B
911 B

94ms
71ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPeuKmSHZsf7zcWsupTAAQ8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCX9ucBGKXJqc4BMAE&v=APEucNXG0ZxtsUsTjJK8_UampRQsiLmbdpF811hv6uYKRoaHNb18LvIDCKrYQZWF9Oz688_My3enk2EC4uS3oVepjftKTNg3ZYgnwP31Y4fy2Nf-ee6qkUJWeIJy9gcr2lfyWkoiCUcQr9rDO-sYvmLbUY3I7VGQoSw5-FImhb878hZkJZfE5bw
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 74022a4ece8dd67a-CDG
pragma: no-cache
date: Thu, 25 Aug 2022 06:10:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IULnNsB%2F5e1Wc%2BhyqD1Tza5kqRsMP4kmfvqu5lgEa2qwpgsJrIJjE02Euc9X%2FxxQdsgHsYqiHZy8ZsFCdYm8wU6WDtjDHPgCJZaUJjT7Jblo0AqSF3Kzv1WK%2Fe8J%2BVtKIv0kwHuEMb8kzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:10:33 GMT
server: HTTP server (unknown)
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPeuKmSHZsf7zcWsupTAAQ8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2D6D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwcSWbIKft4OWBNdb5QahQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPeuKmSHZsf7zcWsupTAAQ8&google_cver=1

43 B
909 B

40ms
40ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPeuKmSHZsf7zcWsupTAAQ8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCX9ucBGKXJqc4BMAE&v=APEucNXG0ZxtsUsTjJK8_UampRQsiLmbdpF811hv6uYKRoaHNb18LvIDCKrYQZWF9Oz688_My3enk2EC4uS3oVepjftKTNg3ZYgnwP31Y4fy2Nf-ee6qkUJWeIJy9gcr2lfyWkoiCUcQr9rDO-sYvmLbUY3I7VGQoSw5-FImhb878hZkJZfE5bw
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 74022a4fafabd67a-CDG
pragma: no-cache
date: Thu, 25 Aug 2022 06:10:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXbuNhg6B%2F2p9ItHPzYFN%2FxBWI5ud%2BZZXrfrV8AdbKKY6cCyxDMsFK1QZJhqitI4oTie5%2FO7njghuLncs3ayMP2%2BtRbgkibkhP0b56Bc0Xzl8bBs7eoh1f52NNK3rJIxHLb6kZLaYxiqIg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:10:33 GMT
server: HTTP server (unknown)
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPeuKmSHZsf7zcWsupTAAQ8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2D6D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMJhAnlxArC4piGBh5xNHtg&google_cver=1

43 B
1014 B

24ms
24ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMJhAnlxArC4piGBh5xNHtg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCX9ucBGKXJqc4BMAE&v=APEucNXG0ZxtsUsTjJK8_UampRQsiLmbdpF811hv6uYKRoaHNb18LvIDCKrYQZWF9Oz688_My3enk2EC4uS3oVepjftKTNg3ZYgnwP31Y4fy2Nf-ee6qkUJWeIJy9gcr2lfyWkoiCUcQr9rDO-sYvmLbUY3I7VGQoSw5-FImhb878hZkJZfE5bw

Protocol

HTTP/1.1

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 06:10:33 GMT
X-Proxy-Origin: 37.59.164.98; 37.59.164.98; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 72ccba7a-6afd-432c-a9d0-36a7947944c0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:10:33 GMT
server: HTTP server (unknown)
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMJhAnlxArC4piGBh5xNHtg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2D6D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyOTgzOTE3NTE2NjI1NzA3Mg%3D%3D

170 B
190 B

93ms
43ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyOTgzOTE3NTE2NjI1NzA3Mg%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:10:33 GMT
server: HTTP server (unknown)
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 06:10:33 GMT
X-Proxy-Origin: 37.59.164.98; 37.59.164.98; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 25361cbc-8873-4ffe-aef0-207f5462b83a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyOTgzOTE3NTE2NjI1NzA3Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame E28B 36 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 04:34:26 GMT

GET
H3 200 img_0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4629642090448662295/banner/970x250_FR01/images/ Frame E28B 75 KB
75 KB 27ms
26ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4629642090448662295/banner/970x250_FR01/images/img_0.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0472114d49eea6adad782f1f8bb937e31274cb9ce7cc53ec78a30aa85b054cba

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 534204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76724
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 12:19:45 GMT
server: sffe
date: Fri, 19 Aug 2022 01:47:09 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Aug 2023 01:47:09 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 6758 106 KB
38 KB 83ms
25ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80377
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Aug 2022 07:50:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 6758 8 KB
3 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKJCOgyqvcfQ8lUQhbznhMbCOk9o8p-_ETlMbGDw-IpIy3bHcyvDUizyBuBXsPZ1CWuY4MBaRKjnYCNv6ng5nSNXuyc-wZRZ7FOn_QF86OsLmBx1ziy50n0ZFYqUMeg3tJkiVAtrIG75iMCeSLT_orhwu66A&dbm_d=AKAmf-Dm3tkLvSvIuRbxoK5my_vgRAEkOK7GgzfQLwPqxGzT4MYMrzn-kjASPe_-fg8d-lWmsINFaLxMuZ0hyNiaL5feIr1KAehm1HeyQVA-9cAwJRWV2it6PRkhbvEutDzTsznKo1-CCbXin9bmnVg-CntFlx5GrWb7l-fn_cOE9KnG2v21bPQ6g-sYAvhlgeG3qiWU7bAGCLJPlK64Kgf0WJQ2K2fzK7KFwH4ngjEWyR4vZOL0bnGOGwLPjHuuunx_qJ8n0DD_RcmJBKbqWL63Ol1eqyq4wHajdla39IPA6SmjlZV9ozmkc0d-VyulwZKiKe8uLpgltPBy3Ts9bvzyZETBYwLGFJaoa7P75EndON2lnL6jN2rKlnrevmu5FDSppbAjHgZ_fuLMrsM2g42xZYBt9bjItpyi__k1-Ehc6x-Mqo2PRW1bTijmp08fOILzYPS08q8Z8e1fKP1sbUVj8VFGW1ivE96ufffVWkHbbup2u3Sa3nGyF_Lqrrl5YW5bx7BdWhtOT3KVTavZmd8e7kVG2IvOwzwD9YWBVllk8sFSVpmmgkP51AsGtiEGVaVyGvF5A_C1slcS9LwKa-ji1IoE3Qd4M2CIFrcN_G_cEUAR7PPdgyWtr5CowSDZWd_QKEae1w-rpo7N6SboRjvNYp3r77Oqxy8TDKNHUiC5qudqcS52qtVMTnnloeAA_VKM4aqSI4Ogs0JR66hcI_EFFntT21jLXC2pzbJJQ1-ALZBeZRSYnnI7dCgWxAdzo3qtR483SVG_RF5pUnNmv5puokuoGoIUfMhuyzU0y-l5L_9s198XN46RJstn6cB1C7gpe4gcgQAKZOPo2zctlle8ZXT5HFJ8xEj4SHUwul1-oZgsVIUltvOFGiVwzsPWwwCvaBSM9KLI6jmVWDd75qK0o5QSXgPDAyWZubICigVwgdSiTyfp-GnwPyRKTfVAmU3vTB2HmxgbgpjEvFMR0-2S8YUhZvuMq_e_3hsDi3PH2HyKKw14x-_iFxB8U_GB_Mz7I0xqgMZH1Qho_8BFKvEofGEbORJZYlcXDGz8nChDuF0r8Va5mrcOCOOgrJGfVxuRBp__BeE1vOfqCe102F8TrOGlB6LzmjnXqFMBS2kpU8JVFaD0sdljjQHwfk3tRvx42RZWPmCVyElAVB9-ekfZTuGbENmFST4isdUc8AapcOJn2mP7DNDejvS1KkbW-nEugO408DDBSC6B3WmUqP6KRDKf7yoxHwYZrzbwUic3PIT6Zk72MATHZx6EqdBv9iulHcD8eUar6-f5lYfTIS_KaSEORC_fjh0EdZCf3qUh6n1eF6jCcbW8fKu8RWCv7AEBTSNYE4GMSSGTD6eIcZVuuWzaRbGui_uf-k2t3Ut-l6oLBGnTihvTpgX5TR4GbqBi5UViyeFMWDGY34PmJaoD4HoRwYCYsJHNjDW9EA15kEnL3Nc_HpfVmLT2Ce9Jsebf3WsNi8WEDqgFbqzGF6y2MSwqoavJXoPLy-WH6vAaT39uyBJp0KWxxKcbzzAuIeqTF8egPuo270zLkM0Z3RhxO4NoS_hd4xobs7jq5x7PRRmpcSsKQUtkM9CyrgL0aVKNgX2-tsb8uJFRNpgn6hDSVahYvxCkFukcdJK_PNF_njfIF0AqqdXFgr7cXkMVynZR-L8B28g0kOHijlMwux36KwBG_gqwcaBe_wAer0B8lP08IrHL1VehbPv91GVCKTUsc5ttUUcrho2V2iItEj0ppZnLdG0D2Z66pLY02cx9i7dYfM9OXAWS_UqttVt1dpcsbVpD7w27Kvdfqz9Le9P9GSGcJOVjLe8Nt1zATGXBUDwf5VfsEWy8c7SvDZztw1qE6VSax_BFaT7UoCn51hEHhbtamRtZNFPhZCFRmiHmmzWV5Glb0FHfo22mAD4_AFH1jxu7QDg6ZR2iW9jSPvD0pZYwo9e8dwWwcthvI_lXYU9q-FrorBHCixmcZIUvdct3-8liZ7VtlroOsi2lZoz2TOg4hBLksRA4eIINt-ZfEe63gH3X3FuaNsOkKZsJqzc2hxwJfPE2wj3SSsURRpDAAtE1GYPaZR5Y-WaX440KqKZy5Z_Ww8lXH735rKMZRYtOUL6oBfcwE7Uadn4dJdaKn8HwAjzgI-krcNmtibUzUVb50OTuu0YFwi0D4F-UHr_Nm5bjXQKVj-GgVFaOSW_Tq5-DuwWPzL6eF6jE7QJ9Rivy4Beec9FaqgKAi4D5NYtb7pSIzajkruM_gCMjQ3Q1lwydxQ5DdmcQLjP6XOvT3Ow4Kb6x5cKIK-9-8O0jVTstFwBd0XLPyaxw0yq_uNocrvtX7XTq-vzLqNfjQY8RIMaL1gr0AyqL-_Q13faxUMcuqrdYH9f67I-QiuCXDinTWJyVE7x1XGLqdU1cGwe-DLTfg4Q_XKGAwiMJ3ilvxINLCYbLjVWu6wz-TibKPz6DDOP9OAgVuU11NfOm69Dhg7gqwJovMFJT4pQGY2M6X6fmXsk8lSalNLY_L2o6JzSJqjp23kU4bRo07__jODVSEX0n6ciHjlAGZlpJSnrU1Q54NrXoH3KWjdbekNABa_262zdsJcoOoDLycIBe2Mhmefw5xxoAd-3PpF_vYRZS3yyl97n3Pvjcrgih6IoTb8S3lnuGyMsha6tp47bhGRuwi91DcBqjMXEoxe4aMZWqz8mx5Cbbu9SZFsb11yrA2quBINvgoB1YCwDPEfLJZgfKRU2Jh4Vw7xb0JHuP45nbuNn-Uo9KM0a4RiwIDoLWSWAamMLg7UnrhtWhnXNMtKFMOTRBz-3xFZJESe4jPI426Zh_dNC1VPCGcVZfzmbnVO065bDvWryeFNHDD_E5pT2UOTn76b_eu3Es-N4H4gVAZWFn6EXG6Gepa__owH4ht1ltKjgUIcIHJqpp6oTb74rjOSTPyFhmCiEzXw1XnjvjMJwwJsm1uj5rARHEz8lQ0UBwYQ9CEsjb-eT85DplEL7GtPQHCagRnEblB4UoNG9XxgrAWZe0kj8cSosqmO-mV1yI21JWnvmic8wqG6gOvVrGfnRKOn6-k6E&cid=CAQSGwCsnQUxsXIEoE_LIG9A5iDMgaeCDmijuqboyBgBIA4&rfl=2%2Chttps%253A%252F%252Ftop4top.io%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:00:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 06:00:41 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 6758 30 KB
12 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 05:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 791
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 05:57:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D2B7 8 KB
893 B 34ms
34ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 04:12:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Aug 2022 06:10:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Aug 2022 06:10:33 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame D2B7 2 KB
902 B 25ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 06:10:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame D2B7 23 KB
9 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 05:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 05:53:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame D2B7 3 KB
1 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 05:49:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D2B7 140 KB
43 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 06:10:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame D2B7 17 KB
7 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 06:01:43 GMT

GET
H3 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame D2B7 33 KB
13 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 22:39:22 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6758 41 KB
15 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154036
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 11:23:17 GMT

GET
DATA 200
OK truncated
/ Frame 6758 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 688da19de08d3ab98397aae3929fb3477ecaafe4fd6d559e9ed04bcaf88b3e11

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C3DC 143 B
163 B 25ms
24ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 05:39:17 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 moatad.js Show response
z.moatads.com/havasfrorangedcmdisplay758646212611/ Frame 6758 326 KB
110 KB 199ms
41ms Script
application/x-javascript 23.47.209.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/havasfrorangedcmdisplay758646212611/moatad.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-169.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7cc6282793df792d4719dce6b6102380ba1c6e01f19afd019c0764faff0802e4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:33 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 15:28:07 GMT
server: AmazonS3
x-amz-request-id: YX8G721FAGQ9335M
etag: "a346f7b46a4378101acf829e99c7197a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=13642
accept-ranges: bytes
content-length: 112206
x-amz-id-2: PKKyOZxWwflYiCHX/523TdnWNdN6hkQNXhjgvwZtCt0nZe9Tp4Mg8Ux3Tn2x3mTzOwEf2lkVdQ4=

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9351481304997061281/ Frame 1FE3 83 KB
25 KB 82ms
26ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8865943d3422725377690e05f2bc63033e28871fb0c139b2368f8e1d3a024f84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 594136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26026
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 09:08:17 GMT
expires: Fri, 18 Aug 2023 09:08:17 GMT
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6758 0
811 B 142ms
70ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstScXyNxEvYVSeN3W1w2f7oEypmzVm6YPQBsAll36qU30HLjTY1u0xL4Ra_hLBEaYjSgl6Bvs7f3dKIFgkYre4Ad-ddAUNC4LyJU-S3A0joEQFRN0YZ3ZrT-BeoHR4WFANt1fyhBzXJfYxH-6vEY-QpA3x-_ikECEc2KBFmRd9uBrV-egQ9Wu99U01uUC1FlSmtCCgGVZI54Dt3oxKRAk4gtP9mTNX2uTbAm3g0SyuJ1XTEwe-z3K9koL_qX79DILr2wR2DY1XU5TA1GoGNpLvVt_xR-YYwlUJVMDeGVfcmuR4MOijIpf8b_ln8uqO9sureHnVrBH-sXqSNJbhIYnBbEg5I1Hkm0PPHw1buFJdNwsmHcctkfmEd942azH3Vzt91Ql1fdZThyAjWgUa9aMSy3Yx4d2xwtNhmctbthWMcvoNJR8Bok8nFE2lFs79csHzYjTI6XjQEmc97WqA5uE_YUyMg30AmQgx5G3kM-E5vgIgwEMYeYkn1aVDteMqFsX2ySZiQK6RJ2vXt1tbIEH1V4Q0oncFU0CqmTjr-tvRZdaNsCS_Dqyzuhc3k30wcs7Rucb-fdZZunE9xW2oU70CLF5selNJ2J58SCZsUguz0I-Ek1lNcFOH5Ej6BWWfcVyANSoWhlXG6vmpMZsxx_wTohgVSxq9_KIiVAP2h4WRmgLdoX6EBQB8jtn1Yi2zPzXGaUgMvqV8XIyu-DWEjTkGgBvT8ntIPo543UzmsbRSfSquAj-QTmkApADij-k1MVwa-vEEglcnRLaBPQsU3BAqdXwpYmL9qcZQpMsKVIWrM1zAjkB5E1DcGPyw_isAx_8psACT5mYzLARZJ-YnItSAiAsjLIBBX4Zwa_Mj47sHll8B-H3LwUgtCdD0Xg_eAKXrmmKt10Fsq7-sqhWUJHOCUMmbbyKvJT16mCyZZ8eFRE12NSVo2IOAGh-jJiAmgzKcTwi4BEgGa-xneaDO5jQ6_jgInwaB2yqI5h1lfEtjFXnPw5g7EX5PoJYDR3Av0AIFn1SFZKWkUHYVVFdHgRYBvU7sNdN8pCN6CLZMFECf_GydVMm7nT4wuwbLbeFmpUO8LS8yS6g2wyhy5xmbhhOEFPYXaKMnt7dJu3KKfyY5_Qwm7_WuDJt-tQ2M_z2wWmpREIAmCgd3onDzrnOKutbSok6Sj7rIEtc3RbOTN_1kop8M&sai=AMfl-YTxazlBqr4AWuIEx65bnk3shRX7hKXH96p9a0j7EE9v23sxSf71WqgBddSfOev9aqAgFi2a5Kctnd32YDxesjtSe5asDs45c1kJOb8lRjRlcuXXFSslamSfPcmQJTQhnFpZUTHwp1Yj97vx7sGNsrA4XeS6pRX4xbEmE4QpGPQdCrG2WMNO21uyC0GV8jR761LjRFROwvIBuQ&sig=Cg0ArKJSzJLJ7KuiRER7EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=142&cbvp=1&cstd=138&cisv=r20220822.08067&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
date: Thu, 25 Aug 2022 06:10:33 GMT
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: image/gif
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F62F 22 KB
8 KB 25ms
24ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 61338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:08:15 GMT
expires: Thu, 24 Aug 2023 13:08:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C3DC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

39ms
38ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 06:10:33 GMT
expires: Thu, 25 Aug 2022 06:10:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 06:10:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame C4EC 36 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 04:34:26 GMT

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame F62F 36 KB
14 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 04:34:26 GMT

GET
H3 200 styles.min.css
s0.2mdn.net/sadbundle/9351481304997061281/ Frame 1FE3 3 KB
1 KB 27ms
27ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/styles.min.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c656dc5051ef4137835e26910f9853ec4ffd978d98c0f5bf10e0add252f15fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 pastille3.png
s0.2mdn.net/sadbundle/9351481304997061281/img/ Frame 1FE3 149 B
176 B 28ms
27ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/img/pastille3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

546334620f7b9096db669a6a2a5c11c0acf11aefb950a167cd1b0a6c18c2cb64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 149
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 pastille.png
s0.2mdn.net/sadbundle/9351481304997061281/img/ Frame 1FE3 442 B
469 B 37ms
36ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/img/pastille.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2a149407edd9b2b24ad7a30606b3109586900488daabc534e2334373ab99ff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 442
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 pastille1.png
s0.2mdn.net/sadbundle/9351481304997061281/img/ Frame 1FE3 798 B
825 B 35ms
34ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/img/pastille1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9850533a561ca31f68aa261ff27600ae292a2443cab1569419d16363a5466513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 798
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 pastille2.png
s0.2mdn.net/sadbundle/9351481304997061281/img/ Frame 1FE3 819 B
846 B 35ms
32ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/img/pastille2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2ade5ee00d5f3418b9368fe1ffbb6db4cba93fef068319412760f226ed7dd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 819
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 offre.png
s0.2mdn.net/sadbundle/9351481304997061281/img/ Frame 1FE3 486 B
513 B 42ms
39ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/img/offre.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25ea4716f75272b98d47e9103e6f90a6cab336b442deee5cca631ef898514972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 486
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 argu.png
s0.2mdn.net/sadbundle/9351481304997061281/img/ Frame 1FE3 616 B
643 B 40ms
37ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/img/argu.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df59603e1c3202806d218d9eb30dedd479bd860bf346921a5d88b8fbb0fda22c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 616
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 argu1.png
s0.2mdn.net/sadbundle/9351481304997061281/img/ Frame 1FE3 831 B
858 B 40ms
37ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/img/argu1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd35439ab63f8e8116267e542d4f59c66ecd593b25a6c26392210e24802ef0ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 831
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 argub.png
s0.2mdn.net/sadbundle/9351481304997061281/img/ Frame 1FE3 453 B
480 B 39ms
36ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/img/argub.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba9e3257fcbf6b779cc19034af0025a7ae959547a953f4c5464c0e5884ec2460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 453
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 argub1.png
s0.2mdn.net/sadbundle/9351481304997061281/img/ Frame 1FE3 662 B
689 B 38ms
36ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/img/argub1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3f4f8668df1e10afc5972f25ae25c4dc152459750efa9c929339c92e704fba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 662
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 arguc.png
s0.2mdn.net/sadbundle/9351481304997061281/img/ Frame 1FE3 1 KB
1 KB 37ms
35ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/img/arguc.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

301d414eebebbfdf7cdf3c97d44d4a5bc8f2402e8a085e0e5de59f9c96369bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1067
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 arguc1.png
s0.2mdn.net/sadbundle/9351481304997061281/img/ Frame 1FE3 995 B
1022 B 38ms
36ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/img/arguc1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0fd2d2c2ec6291f0d44554385d53126ef15eb959a0062c060da9c4970a6ad61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 995
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 footer.png
s0.2mdn.net/sadbundle/9351481304997061281/img/ Frame 1FE3 415 B
442 B 35ms
32ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/img/footer.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

568473f2974f5a2b81b394dab0cd25b79e8da409e66b9ca6df2f8990e169b307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 415
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 footer1.png
s0.2mdn.net/sadbundle/9351481304997061281/img/ Frame 1FE3 525 B
552 B 36ms
33ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/img/footer1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51a9009fbf152fa6471612f9baa8dde49a49f436d649df5660c6fa53c2aee0c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 525
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 claim.png
s0.2mdn.net/sadbundle/9351481304997061281/img/ Frame 1FE3 831 B
858 B 36ms
34ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/img/claim.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17231ad98c56e63280ab05a62ad868af3348ffd63ab8b3e8c268c066a638958d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 831
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 claim1.png
s0.2mdn.net/sadbundle/9351481304997061281/img/ Frame 1FE3 488 B
515 B 35ms
33ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/img/claim1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26454827c8b37c53be9552cafa29372a8052654b568c9711061986c33f4cc32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 488
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 claim2.png
s0.2mdn.net/sadbundle/9351481304997061281/img/ Frame 1FE3 758 B
785 B 43ms
41ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/img/claim2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b9f2e2664a3457c5b6309ec6146d108343908aa77290bd88ecbf788e53bd4b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 758
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 ml.png
s0.2mdn.net/sadbundle/9351481304997061281/img/ Frame 1FE3 8 KB
8 KB 41ms
39ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/img/ml.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f0064301c1aad3b65fa37ddf6c54210678a2d0672ab71428b8687784f102889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
H3 200 scripts.min.js Show response
s0.2mdn.net/sadbundle/9351481304997061281/ Frame 1FE3 78 KB
29 KB 25ms
25ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9351481304997061281/scripts.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed136219755cbd8c80d88d0aede3248129eebda483327af9481e9078da2273d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9351481304997061281/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29492
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 13:37:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:08:17 GMT

GET
DATA 200
OK truncated
/ Frame 1FE3 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6758 0
28 B 115ms
63ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstScXyNxEvYVSeN3W1w2f7oEypmzVm6YPQBsAll36qU30HLjTY1u0xL4Ra_hLBEaYjSgl6Bvs7f3dKIFgkYre4Ad-ddAUNC4LyJU-S3A0joEQFRN0YZ3ZrT-BeoHR4WFANt1fyhBzXJfYxH-6vEY-QpA3x-_ikECEc2KBFmRd9uBrV-egQ9Wu99U01uUC1FlSmtCCgGVZI54Dt3oxKRAk4gtP9mTNX2uTbAm3g0SyuJ1XTEwe-z3K9koL_qX79DILr2wR2DY1XU5TA1GoGNpLvVt_xR-YYwlUJVMDeGVfcmuR4MOijIpf8b_ln8uqO9sureHnVrBH-sXqSNJbhIYnBbEg5I1Hkm0PPHw1buFJdNwsmHcctkfmEd942azH3Vzt91Ql1fdZThyAjWgUa9aMSy3Yx4d2xwtNhmctbthWMcvoNJR8Bok8nFE2lFs79csHzYjTI6XjQEmc97WqA5uE_YUyMg30AmQgx5G3kM-E5vgIgwEMYeYkn1aVDteMqFsX2ySZiQK6RJ2vXt1tbIEH1V4Q0oncFU0CqmTjr-tvRZdaNsCS_Dqyzuhc3k30wcs7Rucb-fdZZunE9xW2oU70CLF5selNJ2J58SCZsUguz0I-Ek1lNcFOH5Ej6BWWfcVyANSoWhlXG6vmpMZsxx_wTohgVSxq9_KIiVAP2h4WRmgLdoX6EBQB8jtn1Yi2zPzXGaUgMvqV8XIyu-DWEjTkGgBvT8ntIPo543UzmsbRSfSquAj-QTmkApADij-k1MVwa-vEEglcnRLaBPQsU3BAqdXwpYmL9qcZQpMsKVIWrM1zAjkB5E1DcGPyw_isAx_8psACT5mYzLARZJ-YnItSAiAsjLIBBX4Zwa_Mj47sHll8B-H3LwUgtCdD0Xg_eAKXrmmKt10Fsq7-sqhWUJHOCUMmbbyKvJT16mCyZZ8eFRE12NSVo2IOAGh-jJiAmgzKcTwi4BEgGa-xneaDO5jQ6_jgInwaB2yqI5h1lfEtjFXnPw5g7EX5PoJYDR3Av0AIFn1SFZKWkUHYVVFdHgRYBvU7sNdN8pCN6CLZMFECf_GydVMm7nT4wuwbLbeFmpUO8LS8yS6g2wyhy5xmbhhOEFPYXaKMnt7dJu3KKfyY5_Qwm7_WuDJt-tQ2M_z2wWmpREIAmCgd3onDzrnOKutbSok6Sj7rIEtc3RbOTN_1kop8M&sai=AMfl-YTxazlBqr4AWuIEx65bnk3shRX7hKXH96p9a0j7EE9v23sxSf71WqgBddSfOev9aqAgFi2a5Kctnd32YDxesjtSe5asDs45c1kJOb8lRjRlcuXXFSslamSfPcmQJTQhnFpZUTHwp1Yj97vx7sGNsrA4XeS6pRX4xbEmE4QpGPQdCrG2WMNO21uyC0GV8jR761LjRFROwvIBuQ&sig=Cg0ArKJSzJLJ7KuiRER7EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=375&vt=11&dtpt=233&dett=3&cstd=138&cisv=r20220822.08067&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 06:10:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
server: cafe
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F62F 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BK7nGWRIHY-LUDYKNgAfCya_wAQAAAAA4AeAEAg&bg=!FhWlFVHNAAYUOm8VNDo7ACkAdvg8WheAGQ0h1uCiLQzNq4yTmuKADiMqb9FJJ6KaIJUla8Eb00O-wAIAAACDUgAAAAJoAQeZAx7uZcjyxrrOWK3F2CiumFGH4ystVpDjhi-p7roOZ4lGkjDoRfzhSNUWLGSD0Hg7UVB5FUz2YXeyejm-rMJCMjGVF5mmhIlPAGc1mQ_jd09MsKcywccBM2pEy5Yet3O1S1zydo6U21gKGcmjsD-mFZJDMY3ybpESinSo2a1gnaADqE2s_qgVtBESsH5o4eicuVrldRLRgKvKCoRRfe_ThJXABhHBjAaKOOtc2PX_R9cPokZ-CyGDKtVATOERmyngCq_11q2LRnELyl194BdE1XHLtpbFOLtjzzcqe6QvKixuVW6NttaIrIP9gOcVUmZf8nFgvaZ_7fjkIIybrBPfJ6Ev-0JON_4P_02gvv7Ie8Dwc7uFzSlymDMEeJZXcaxk8qbtFOvyPW_ickFfdROlrYKZcryQsYBIgMIv3SWH2ULDSeS_ZIiWD9hRsE25lPEa78q_UyQJcSakD6FsD5bGLV1kj1fplOTs3DM3CFGgTI1TjcpNeRSrxhBlyV0wFLzrKvg2KQmaIjNDgJ_yFkImg3bzTFJsclR1cgHKNYC1C_Upff0Qxv-otmebFJzaQEiHkmSdI-9VDEnrD11IRhwnC2NuKCjhTUtczp-OBXBpr88f-vCShy4K44BSUEDN5xKkvQhY6fawNTuTKxeltnD_We0cDps2QHmWWTNZHZ51D6i8oEJ6_hnHSf96hYTTMVj0ZMNTYcb0qhWTwvO72ATA_pASBwkXsawAgdYOhoXqdCPItS3GDq7vmctPD-y2nREdClvdCUrcmRvd9N3-t5g1zPy_NTHPjU-9kSx3u_as4NA_tcvUFqQqCVFhNoX9sBqVdC5jv7ILwtg-fff62qTAw6YpZrkMAarVkh_KLQdmZkQrs0IQgS5y5-d5WsAfdsfjicLsNFPD1IWCWDp-FsPtcW8ExyNHb6XImSVzw3J72R0-Es7a8MQ5niUOs_5dFTFzpZuLmRO1QlOnt5dH8bqfgdeKdUA96DMZng05FKGhZOHlHcbirfvBeOzFLc3FmlLmkaGVQJH5Njpv4XVhM6xdjMX6LNG1Fi8oXDGRWp9JhFI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 7060 96 B
269 B 155ms
26ms Script
text/html 18.132.175.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=4139626944&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk3M%5EIz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ijQK8fJtVWlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-l0aFek%2FeXjptXQ%3D%3D&sc=1&os=1-oQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Ftop4top.io&lp=https%3A%2F%2Ftop4top.io&t=1661407833818&de=217545459439&m=0&ar=1da355aa18f-clean&iw=35b1423&q=2&cb=0&ym=0&cu=1661407833818&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=28040725%3A4440622%3A340065066%3A176028487&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=17603934931&zMoatDBMIOID=1008310465&zMoatDBMCreaID=432694437&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftop4top.io%2F&id=0&ii=3&bo=top4top.io&bd=top4top.io&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=havasfrorangedcmdisplay758646212611&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A119&jk=-1&jm=-1&fs=199703&na=282680529&cs=0&ord=1661407833818&jv=903442245&callback=DOMlessLLDcallback_18083121
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/havasfrorangedcmdisplay758646212611/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.175.146 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-175-146.eu-west-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 225bda1d2106ae7ca276032199049fb9122358ace9b22dd34e1f8139d211f308

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:34 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "705d713a85ca38c337c94f217e4400a9a2e96676"
content-length: 96
content-type: text/html; charset=UTF-8

GET
H2 200 v2 Show response
mb.moatads.com/s/ Frame 7060 278 B
453 B 162ms
30ms Script
text/html 52.56.103.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/s/v2?url=https%3A%2F%2Ftop4top.io%2F&pcode=havasfrorangedcmdisplay758646212611&ord=1661407833818&jv=380482821&callback=BrandSafetyNadoscallback_18083121
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/havasfrorangedcmdisplay758646212611/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.103.253 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-103-253.eu-west-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: c421037be2f8873d980c5f76443ab1a53053644b3cec4a721c57d3c5a9fb9a9b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:34 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "f36ff7446b4d0614f38ba3fb25ae80e80aff7915"
content-length: 278
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame 7060 43 B
274 B 55ms
41ms Image
image/gif 23.47.209.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Ftop4top.io&lp=https%3A%2F%2Ftop4top.io&t=1661407833818&de=217545459439&m=0&ar=1da355aa18f-clean&iw=35b1423&q=3&cb=0&ym=0&cu=1661407833818&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=28040725%3A4440622%3A340065066%3A176028487&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=17603934931&zMoatDBMIOID=1008310465&zMoatDBMCreaID=432694437&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftop4top.io%2F&id=0&ii=3&bo=top4top.io&bd=top4top.io&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=havasfrorangedcmdisplay758646212611&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A119&jk=-1&jm=-1&fs=199703&na=1910748362&cs=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 25 Aug 2022 06:10:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Aug 2022 06:10:33 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 7060 43 B
274 B 41ms
40ms Image
image/gif 23.47.209.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F9351481304997061281%2Findex.html&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=4139626944&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk3M%5EIz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ijQK8fJtVWlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-l0aFek%2FeXjptXQ%3D%3D&sc=1&os=1-oQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftop4top.io%2F&id=0&ii=3&f=1&j=https%3A%2F%2Ftop4top.io&lp=https%3A%2F%2Ftop4top.io&t=1661407833818&de=217545459439&cu=1661407833818&m=69&ar=1da355aa18f-clean&iw=35b1423&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A119&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=50&cd=0&ah=50&am=0&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=28040725%3A4440622%3A340065066%3A176028487&bo=top4top.io&bd=top4top.io&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=17603934931&zMoatDBMIOID=1008310465&zMoatDBMCreaID=432694437&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=199703&na=1834350076&cs=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 25 Aug 2022 06:10:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Aug 2022 06:10:33 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 7060 43 B
274 B 41ms
40ms Image
image/gif 23.47.209.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=4139626944&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk3M%5EIz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ijQK8fJtVWlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-l0aFek%2FeXjptXQ%3D%3D&sc=1&os=1-oQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftop4top.io%2F&id=0&ii=3&f=1&j=https%3A%2F%2Ftop4top.io&lp=https%3A%2F%2Ftop4top.io&t=1661407833818&de=217545459439&cu=1661407833818&m=208&ar=1da355aa18f-clean&iw=35b1423&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lh=31&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=99&vx=-%3A99%3A-&pe=0%3A-%3A-%3A0%3A119&aa=0&ad=72&cn=0&gk=72&gl=0&ik=72&ic=72&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=50&cd=50&ah=50&am=50&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=28040725%3A4440622%3A340065066%3A176028487&bo=top4top.io&bd=top4top.io&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=17603934931&zMoatDBMIOID=1008310465&zMoatDBMCreaID=432694437&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=199703&na=742414975&cs=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 25 Aug 2022 06:10:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Aug 2022 06:10:34 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 7060 43 B
274 B 462ms
54ms Image
image/gif 23.47.213.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=50&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=top4top.io&L1id=28040725&L2id=4440622&L3id=340065066&L4id=176028487&S1id=top4top.io&S2id=top4top.io&ord=1661407833818&r=217545459439&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatADV=8364571&url=https%253A%252F%252Ftop4top.io%252F&bedc=1&q=1&BSD=unsafe&BSC=gs_tech_compute,gs_tech,gv_download,gs_tech_consumer_smartphone,moat_unsafe,gs_tech_consumer,gs_fooddrink,gv_crime&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.213.170 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-213-170.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 25 Aug 2022 06:10:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Aug 2022 06:10:34 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 7060 43 B
274 B 464ms
56ms Image
image/gif 23.47.213.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=50&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=top4top.io&L1id=28040725&L2id=4440622&L3id=340065066&L4id=176028487&S1id=top4top.io&S2id=top4top.io&ord=1661407833818&r=217545459439&t=bs&os=0&fi2=0&div1=0&ait=0&zMoatADV=8364571&url=https%253A%252F%252Ftop4top.io%252F&bedc=1&q=2&BSD=unsafe&BSC=gs_tech_compute,gs_tech,gv_download,gs_tech_consumer_smartphone,moat_unsafe,gs_tech_consumer,gs_fooddrink,gv_crime&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.213.170 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-213-170.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 25 Aug 2022 06:10:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Aug 2022 06:10:34 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 7060 43 B
274 B 465ms
57ms Image
image/gif 23.47.213.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=72&fi=1&apd=194&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=top4top.io&L1id=28040725&L2id=4440622&L3id=340065066&L4id=176028487&S1id=top4top.io&S2id=top4top.io&ord=1661407833818&r=217545459439&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatADV=8364571&url=https%253A%252F%252Ftop4top.io%252F&bedc=1&q=3&BSD=unsafe&BSC=gs_tech_compute,gs_tech,gv_download,gs_tech_consumer_smartphone,moat_unsafe,gs_tech_consumer,gs_fooddrink,gv_crime&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.213.170 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-213-170.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 25 Aug 2022 06:10:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Aug 2022 06:10:34 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 7060 43 B
274 B 465ms
58ms Image
image/gif 23.47.213.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=72&fi=1&apd=194&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=top4top.io&L1id=28040725&L2id=4440622&L3id=340065066&L4id=176028487&S1id=top4top.io&S2id=top4top.io&ord=1661407833818&r=217545459439&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatADV=8364571&url=https%253A%252F%252Ftop4top.io%252F&bedc=1&q=4&BSD=unsafe&BSC=gs_tech_compute,gs_tech,gv_download,gs_tech_consumer_smartphone,moat_unsafe,gs_tech_consumer,gs_fooddrink,gv_crime&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.213.170 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-213-170.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 25 Aug 2022 06:10:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Aug 2022 06:10:34 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 11D9 42 B
64 B 110ms
60ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscH0OpbpbuypGHgymbWDKNNAbEJ6O-REybR_BgpnDD0JRO43Sry9l2z8d1trO1s6ZFepN8aZGrLlTJiwZwTWmz9eKbNjhhR1wQ8HT-ePW7VsJaHsJLdmaFzZvNmum9sk0pLQR79H8DZwE7&sai=AMfl-YQkttK58KjCK9nK3MoXLfxkpNpnBwbEwSYcUNJ8DrMO7GG_n7LCRf6tzgGdln41CYzFzkf2G2VsqA9k&sig=Cg0ArKJSzFtN5vy_Ex8GEAE&id=lidar2&mcvt=1000&p=0,0,280,1140&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1798011881&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661407832334&rpt=878&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:10:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 7060 43 B
274 B 280ms
59ms Image
image/gif 23.47.213.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=275&fi=1&apd=397&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=top4top.io&L1id=28040725&L2id=4440622&L3id=340065066&L4id=176028487&S1id=top4top.io&S2id=top4top.io&ord=1661407833818&r=217545459439&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatADV=8364571&url=https%253A%252F%252Ftop4top.io%252F&bedc=1&q=5&BSD=unsafe&BSC=gs_tech_compute,gs_tech,gv_download,gs_tech_consumer_smartphone,moat_unsafe,gs_tech_consumer,gs_fooddrink,gv_crime&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.213.170 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-213-170.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 25 Aug 2022 06:10:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Aug 2022 06:10:34 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 39ms
39ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

322063180fa4d08654d636750862a9aabfc93f83cb8dfc238e089a998160f790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 06:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11099
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 06:10:34 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2EC9 13 KB
5 KB 27ms
25ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 5768
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 04:34:26 GMT
expires: Fri, 25 Aug 2023 04:34:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 62B8 783 B
535 B 35ms
34ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

517febaf6d30717c2da9bab49d299a7f764101845173da8601cbdbb69ea47e03

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QAXYdnsKBqZgusjDGfCWFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-QAXYdnsKBqZgusjDGfCWFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 06:10:34 GMT
expires: Thu, 25 Aug 2022 06:10:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6758 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJvavdqJhpO9iTzbsoUdX12rUtgzekuyQjHcRKdb-4_uPQ4hNakkRCqKEuPu_rsmlKXUIcnkv8RAfWn5KzEgR9g9JrGuDPGHLJeJ_yEKl0zlNfthASWi7cx4UxrzC_CbBSULh55lKdUmmd&sai=AMfl-YQdM9ootDv-_Lb7YXHCxTSoPb4XCXaQLT0iMt8qBt_KmMAX1a2d8-TPjRtSRw9uuftYdAgey1-AZ69k&sig=Cg0ArKJSzKUbhi7pSzeoEAE&cid=CAQSGwCsnQUxsXIEoE_LIG9A5iDMgaeCDmijuqboyBgBIA4&id=lidar2&mcvt=1007&p=0,0,90,728&mtos=530,1007,1007,1007,1007&tos=530,477,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661407833189&rpt=435&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 06:10:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2EC9 36 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 04:34:26 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 7060 43 B
274 B 41ms
40ms Image
image/gif 23.47.209.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=4139626944&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk3M%5EIz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ijQK8fJtVWlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-l0aFek%2FeXjptXQ%3D%3D&sc=1&os=1-oQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftop4top.io%2F&id=0&ii=3&f=1&j=https%3A%2F%2Ftop4top.io&lp=https%3A%2F%2Ftop4top.io&t=1661407833818&de=217545459439&cu=1661407833818&m=1223&ar=1da355aa18f-clean&iw=35b1423&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=158&lg=1&lh=31&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1410%3A119&aa=1&ad=1088&cn=72&gn=1&gk=1088&gl=72&ik=1088&ic=1088&ez=1&co=1088&cp=1009&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1009&cd=50&ah=1009&am=50&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=28040725%3A4440622%3A340065066%3A176028487&bo=top4top.io&bd=top4top.io&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=17603934931&zMoatDBMIOID=1008310465&zMoatDBMCreaID=432694437&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=199703&na=1244986857&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 25 Aug 2022 06:10:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Aug 2022 06:10:35 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 7060 43 B
274 B 38ms
38ms Image
image/gif 23.47.213.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1009&tet=1088&fi=1&apd=1210&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=top4top.io&L1id=28040725&L2id=4440622&L3id=340065066&L4id=176028487&S1id=top4top.io&S2id=top4top.io&ord=1661407833818&r=217545459439&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatADV=8364571&url=https%253A%252F%252Ftop4top.io%252F&bedc=1&q=6&BSD=unsafe&BSC=gs_tech_compute,gs_tech,gv_download,gs_tech_consumer_smartphone,moat_unsafe,gs_tech_consumer,gs_fooddrink,gv_crime&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.213.170 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-213-170.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 25 Aug 2022 06:10:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Aug 2022 06:10:35 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 7060 43 B
274 B 41ms
41ms Image
image/gif 23.47.209.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=4139626944&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk3M%5EIz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ijQK8fJtVWlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-l0aFek%2FeXjptXQ%3D%3D&sc=1&os=1-oQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftop4top.io%2F&id=0&ii=3&f=1&j=https%3A%2F%2Ftop4top.io&lp=https%3A%2F%2Ftop4top.io&t=1661407833818&de=217545459439&cu=1661407833818&m=1224&ar=1da355aa18f-clean&iw=35b1423&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=158&lg=1&lh=31&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1410%3A119&aa=1&ad=1088&cn=1088&gn=1&gk=1088&gl=1088&ik=1088&ic=1088&ez=1&co=1088&cp=1009&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1009&cd=1009&ah=1009&am=1009&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=28040725%3A4440622%3A340065066%3A176028487&bo=top4top.io&bd=top4top.io&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=17603934931&zMoatDBMIOID=1008310465&zMoatDBMCreaID=432694437&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=199703&na=2003773907&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 25 Aug 2022 06:10:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Aug 2022 06:10:35 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 7060 43 B
274 B 41ms
41ms Image
image/gif 23.47.209.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=4139626944&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk3M%5EIz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ijQK8fJtVWlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-l0aFek%2FeXjptXQ%3D%3D&sc=1&os=1-oQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftop4top.io%2F&id=0&ii=3&f=1&j=https%3A%2F%2Ftop4top.io&lp=https%3A%2F%2Ftop4top.io&t=1661407833818&de=217545459439&cu=1661407833818&m=1225&ar=1da355aa18f-clean&iw=35b1423&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=158&lg=1&lh=31&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1410%3A119&aa=1&ad=1088&cn=1088&gn=1&gk=1088&gl=1088&ik=1088&ic=1088&ez=1&co=1088&cp=1009&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1009&cd=1009&ah=1009&am=1009&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=28040725%3A4440622%3A340065066%3A176028487&bo=top4top.io&bd=top4top.io&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=17603934931&zMoatDBMIOID=1008310465&zMoatDBMCreaID=432694437&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=199703&na=1505573834&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 25 Aug 2022 06:10:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Aug 2022 06:10:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 62B8 0
0 67ms
66ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=3385358624880952&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2EC9 0
12 B 26ms
24ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7QgVXA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 06:10:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
61ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=3385358624880952&bg=!9Pel97PNAAYUOm8VNDo7ACkAdvg8WtFQoiBiUv4odkZTFS0fvAzjA9y4jnt_wBnRU5UB2Qpwvu5sCAIAAABgUgAAAAFoAQeZAtmsgdoKz-zGKMtjgYwjGA7msq5i0wcLwrbXAGIZSwVtDjcqh0y01V7ZFGuKcXuUO-QwbuLY9EA67dKfezYelK6894mY3dwdjxLN4nLbvk7lVK2E02TNSbKnqnFKvCej0weVVIWdthwt4wkVqyAsqfd81ROUbPMkc0nGxSL0_xkTiFEkqdM7FoNhx9Vp9rDrsBwTVezoNveIUpUBq4IL7uNXOwJCNp2EtxG3jHBxbxEMPVvC5VrFYKXPYTzM6lxr_Zur_CXhC1tdRbIj_leWbwsHfnnel25ISGNwnIuqON2HJo7n1zkzGDiXqrZ_ma9SXDJ-eQHhNlZ_G48vZPKwrdBTMwZDPgej_8Y4BCgvPrLo0mK3DamkcERsmkng9uEPggfd4J_Bvb3RA3E9B4Rnb8L_gqJ7KjUUvSAtgQZ_maPghPWfGX7_pyQMCBiiSkv-ScbD7N85K6EQ7Rm4qALQ5QCQxLrrcpVYPfyYNR9l3T6L0-SC5uxC_w-gnxUucx4GrQvVBrKOOKx1QyKPg6G-nMrYX-eY2yZbNTxQNCVV0CmnRq33-ZxVCdn7hiwhfTKjfiQkW_5elHhg7Nkt14zyZNbNGmgps13uSXFMP_I0I02XTagW8KatxikU7EH21sRj4QjN2vINXHJpC7pZsDHwkx8s6R_wRynZfnCxqNkeoaCYgAJR_qWIpy6kXxCEcszVD23zifSs-tZcVSerMtX2JI4e9XIZvBaTMSuZ6VZliF-VT6JLuUQNLAvqGWuIyeBjuGf_FpE_1nzx1nYXYgItEBaQe7o2whYMzUw_-RpAPkhfm338nXtdihI2FS7GeIdj_1_Ug8pc1lwswJlalpMWOLkydsFJCyIGSpaee8j7pGtKwRFy5p8cwVeHzFVRdhDvzKfU6l7529-kgO1jmb0w1rv2JXNNjR-0tG14PVrOgMOe3Lb04blK-97-rlOjKqXIWrBWUy2-X9G3dTs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 7060 43 B
274 B 38ms
38ms Image
image/gif 23.47.213.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1009&tet=2095&fi=1&apd=2217&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=top4top.io&L1id=28040725&L2id=4440622&L3id=340065066&L4id=176028487&S1id=top4top.io&S2id=top4top.io&ord=1661407833818&r=217545459439&t=civ&os=1&fi2=1&div1=1&ait=0&zMoatADV=8364571&url=https%253A%252F%252Ftop4top.io%252F&bedc=1&q=7&BSD=unsafe&BSC=gs_tech_compute,gs_tech,gv_download,gs_tech_consumer_smartphone,moat_unsafe,gs_tech_consumer,gs_fooddrink,gv_crime&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.213.170 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-213-170.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 25 Aug 2022 06:10:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Aug 2022 06:10:36 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
top4top.io/	1970-01-20 05:33:00	Name: sid Value: GXt8YJQ8%2CTsN6f3qIPDtuwiGmO0
.top4top.io/	1970-01-20 15:06:07	Name: _ga Value: GA1.2.2003086748.1661407832
.top4top.io/	1970-01-20 05:31:34	Name: _gid Value: GA1.2.1985843391.1661407832
.top4top.io/	1970-01-20 05:30:07	Name: _gat Value: 1
.top4top.io/	1970-01-20 05:31:32	Name: klj_40d147_downloads Value: 9nxiv
.top4top.io/	1970-01-20 14:51:43	Name: __gads Value: ID=3cf1c11ea48d5249-22320bec02ce00e1:T=1661407832:RT=1661407832:S=ALNI_MbsaCwcJwNafKeBVy6Ztj3Qvf5NiQ
.doubleclick.net/	1970-01-20 14:51:43	Name: IDE Value: AHWqTUkBWzYeKGx2arRkvYPDHdCeQms0iecn4ttf4PohYfyXYxD8Hmr3RKyl32BOCos
.casalemedia.com/	1970-01-20 14:15:43	Name: CMID Value: YwcSWbIKft4OWBNdb5QahQAA
.casalemedia.com/	1970-01-20 07:39:43	Name: CMPS Value: 1131
.casalemedia.com/	1970-01-20 07:39:43	Name: CMPRO Value: 1131
.adnxs.com/	1970-01-20 07:39:43	Name: uuid2 Value: 6229839175166257072
.doubleclick.net/	1970-01-20 05:30:11	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 07:39:43	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVPoKo`6!]tbPl1M>e)ZlrFUfJ+tGXxpGA/6p>8-5C_YrL`b5SKzOvGp/b#qU>JZ]N3If)y3KL9D3I?+=_TKT%
.casalemedia.com/	1970-01-20 07:39:43	Name: CMTS Value: 1179

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	(Line 3) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.fr
ajax.googleapis.com
b.top4top.vip
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
g.top4top.io
geo.moatads.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
h.top4top.io
havasfrorangedcmdisplay758646212611.s.moatpixel.com
ib.adnxs.com
mb.moatads.com
pagead2.googlesyndication.com
partner.googleadservices.com
px.moatads.com
s.top4top.io
s0.2mdn.net
top4top.io
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
104.18.19.126
142.250.185.130
142.250.186.66
163.172.24.234
172.217.18.6
18.132.175.146
185.89.210.153
188.165.137.170
23.47.209.169
23.47.213.170
2606:4700:3033::6815:589
2a00:1450:4001:800::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:830::2004
51.158.152.62
52.56.103.253
65.21.235.194
026ca1872e0c65e86a15953bbc8e7acfda971c1aab563d4da90e2e95a386d1a7
0472114d49eea6adad782f1f8bb937e31274cb9ce7cc53ec78a30aa85b054cba
09a3259106934713084ea8e90baedf51a931703f888958e019e6ab3b3eb6467d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1605b05d92b623c44661321917bca32d530ae52b3158319ce922dacd4c6f257d
17231ad98c56e63280ab05a62ad868af3348ffd63ab8b3e8c268c066a638958d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
225bda1d2106ae7ca276032199049fb9122358ace9b22dd34e1f8139d211f308
23237f4245711e590fc29895de86150222b5e3577453d73a72acf7e210b24e00
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
25ea4716f75272b98d47e9103e6f90a6cab336b442deee5cca631ef898514972
26454827c8b37c53be9552cafa29372a8052654b568c9711061986c33f4cc32a
2b9f2e2664a3457c5b6309ec6146d108343908aa77290bd88ecbf788e53bd4b9
2c89264163143a26eedae167f96d49193376d8486f19e17a31f48be367a8b5ad
301d414eebebbfdf7cdf3c97d44d4a5bc8f2402e8a085e0e5de59f9c96369bdd
322063180fa4d08654d636750862a9aabfc93f83cb8dfc238e089a998160f790
3d2ade5ee00d5f3418b9368fe1ffbb6db4cba93fef068319412760f226ed7dd0
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
484081bfe6c76d77610eb71a6e71206fe5304d62c037f058b403592192069306
49f08855476510fea5063c3c3a6e039a951b34e2040d05f8647d98b15c8fe7d6
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c656dc5051ef4137835e26910f9853ec4ffd978d98c0f5bf10e0add252f15fe
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f6528919bb0f9ba4d23d37761fd4fd18561cfdaac54afe7f852dc9612960d7a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
517febaf6d30717c2da9bab49d299a7f764101845173da8601cbdbb69ea47e03
51a9009fbf152fa6471612f9baa8dde49a49f436d649df5660c6fa53c2aee0c6
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
546334620f7b9096db669a6a2a5c11c0acf11aefb950a167cd1b0a6c18c2cb64
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568473f2974f5a2b81b394dab0cd25b79e8da409e66b9ca6df2f8990e169b307
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
58b2b600aacfdda258a4b7ced90c85143e109480e78529c31358c412caab09d9
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511
688da19de08d3ab98397aae3929fb3477ecaafe4fd6d559e9ed04bcaf88b3e11
6d124788e480924e0a0917ef210d06075bd5166a9f9cc75f2937a98a4a497199
6f0064301c1aad3b65fa37ddf6c54210678a2d0672ab71428b8687784f102889
72602515fcf2f06ed78912551bb9897107c7032b214697de04cdb6dbaa1ab90d
783a406e52dbb749601faa0466e33b38e2a4b5643549310536b1640ace9fae96
788559c056a4f64455d4208befee3e58bd6f5d4a92fdb4af84f0fdd23cc32278
7cc6282793df792d4719dce6b6102380ba1c6e01f19afd019c0764faff0802e4
826695ffc80a1429f317d7ede2d831623243c6d30443315fc3d60ef144b54aef
8865943d3422725377690e05f2bc63033e28871fb0c139b2368f8e1d3a024f84
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
937f0bf91c33631f746a0465609e009b41d9d8dcdea2e370360666a1729a3fa3
95842c4f6cb21ac6f06eca313cffe415b6a6f999f3c9d8152b7abc2b1d86b406
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9850533a561ca31f68aa261ff27600ae292a2443cab1569419d16363a5466513
9e887f4d2abab3726430e13ddb5e8146061981ea0dfdd722818e8002cbd57368
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0fd2d2c2ec6291f0d44554385d53126ef15eb959a0062c060da9c4970a6ad61
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a28649315acaf52dcb3e1e8a0c316dbdee5ef7fc27638ab8c7fa1c4d637f4b5e
a28953ed5afed86c341b5b201d5ba93abd34ede7fcf2f21e8dc0e1be6c54cfc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60f90398750c832d435897bcd263a7b9dac3c581e55dfd5d04020ee1d849350
a996f05810207146366430fbab7ef95d930eb60ade5c8377849ddccbb2ddb33e
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b48f9a7031474a0f73f92f2e6cbbfad730b5466cda96d86a4459c06efc986173
ba55961d7ac71561db39cb5be18d75ee12b453a401d3d7561b825664df464aa2
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
ba9e3257fcbf6b779cc19034af0025a7ae959547a953f4c5464c0e5884ec2460
bd35439ab63f8e8116267e542d4f59c66ecd593b25a6c26392210e24802ef0ef
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c421037be2f8873d980c5f76443ab1a53053644b3cec4a721c57d3c5a9fb9a9b
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c9837b46a37e8117cb24a8819b66ee698f99d0606fbcb8fa19435cac474abcbc
cb44773fc6fae1721f11dc86369efa56c8e1bc2a965193db84e1ab4c14c3d657
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa7cfcb56c0960950a50a392063f2463d216ee2b83de0aa011893816e76962c
d357cd0da000b256a372e491167bd2e97eabfbf004cd71e920091b9f3476bd00
d372b5a18696314dcea58d4dd8b4a44a2a1d5513e8a59b387f6ed838c90db058
d386d1935249c8bb044bbbb3bef0d855a2260709f4a956048ba92922e39d1682
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dec7cf652472bdbb3275668c74fc7666c8ec10ba4779912e7ef2d11e98ae6411
df59603e1c3202806d218d9eb30dedd479bd860bf346921a5d88b8fbb0fda22c
e2a149407edd9b2b24ad7a30606b3109586900488daabc534e2334373ab99ff0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f4f8668df1e10afc5972f25ae25c4dc152459750efa9c929339c92e704fba3
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e7ea71a09f4ef6432bfac9f46c14133f6ffee7db66ef69efccfa97cbbedcebfb
ed136219755cbd8c80d88d0aede3248129eebda483327af9481e9078da2273d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
f26f40e6c8b1bab68fc1d499eae5ad1c1412723db1b757b44185c1c990d2dd85
f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb

top4top.io Open in urlscan Pro 188.165.137.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

147 Requests

96 %HTTPS

52 %IPv6

16 Domains

29 Subdomains

26 IPs

8 Countries

1710 kBTransfer

4205 kBSize

14 Cookies

7 Outgoing links

Page URL History

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

top4top.io Open in urlscan Pro
188.165.137.170 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

96 %
HTTPS

52 %
IPv6

16
Domains

29
Subdomains

26
IPs

8
Countries

1710 kB
Transfer

4205 kB
Size

14
Cookies

147 HTTP transactions
6 data transactions