ngconsulate.info Open in urlscan Pro
103.72.77.63 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ngconsulate.org/
Effective URL:
https://ngconsulate.info/
Submission: On January 08 via api (January 8th 2023, 1:02:21 pm UTC) from FR — Scanned from FR

Summary HTTP 191 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 33 domains to perform 191 HTTP transactions. The main IP is 103.72.77.63, located in United States and belongs to A2HOSTING, US. The main domain is ngconsulate.info.
TLS certificate: Issued by R3 on December 7th 2022. Valid for: 3 months.

This is the only time ngconsulate.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	103.72.77.63 103.72.77.63	55293 (A2HOSTING) (A2HOSTING)
1	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:806::200a	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
24	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 21	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
4 4	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 6	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
5 5	52.58.228.255 52.58.228.255	16509 (AMAZON-02) (AMAZON-02)
2 3	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	18.198.46.54 18.198.46.54	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	95.131.136.1 95.131.136.1	47841 (OXALIDE) (OXALIDE)
4	192.229.220.129 192.229.220.129	15133 (EDGECAST) (EDGECAST)
191	27

27 103.72.77.63 (United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: m.server48.com

ngconsulate.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ngconsulate.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (Cantonment, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.ckeditor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.39 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.154.237 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.45 (United Kingdom) 6 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.58.228.255 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-228-255.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.253 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.46.54 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-46-54.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.131.136.1 (France) 4 redirects

ASN47841 (OXALIDE, FR)
PTR: front.netaffiliation.net

action.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.220.129 (United States)

ASN15133 (EDGECAST, US)

img.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	625 KB
40	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	172 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28784 ad4m.at — Cisco Umbrella Rank: 9270 assets.ad4m.at — Cisco Umbrella Rank: 40645	966 KB
26	ngconsulate.info ngconsulate.info	263 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	162 KB
10	metaffiliation.com 4 redirects action.metaffiliation.com — Cisco Umbrella Rank: 109483 img.metaffiliation.com — Cisco Umbrella Rank: 66654	342 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	335 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	2 KB
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 411	3 KB
4	1rx.io 4 redirects sync.1rx.io — Cisco Umbrella Rank: 791	4 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 690	4 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 98393 static-de.ad4mat.net — Cisco Umbrella Rank: 155945	7 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	4 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 1025	826 B
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 871	2 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 3322	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1147 r.turn.com — Cisco Umbrella Rank: 4328	869 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 670	3 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 405	869 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1675	1 KB
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 3008	184 B
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 17421	660 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 2379	351 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 35086	609 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 456	265 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 918	539 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 679	864 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1282	750 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	700 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2124	347 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	78 KB
1	ckeditor.com cdn.ckeditor.com — Cisco Umbrella Rank: 45650	161 KB
1	ngconsulate.org 1 redirects ngconsulate.org	280 B
191	33

	Domain	Requested by
31	tpc.googlesyndication.com	googleads.g.doubleclick.net ngconsulate.info pagead2.googlesyndication.com tpc.googlesyndication.com
26	ngconsulate.info	ngconsulate.info
21	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net ngconsulate.info
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ngconsulate.info
18	pagead2.googlesyndication.com	ngconsulate.info pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
12	assets.ad4m.at	as.ad4m.at
9	www.gstatic.com	googleads.g.doubleclick.net
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
7	www.googletagservices.com	googleads.g.doubleclick.net
6	action.metaffiliation.com	4 redirects as.ad4m.at
5	x.bidswitch.net	5 redirects
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	img.metaffiliation.com	as.ad4m.at
4	sync.1rx.io	4 redirects
4	ssum-sec.casalemedia.com	4 redirects
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	onetag-sys.com	2 redirects googleads.g.doubleclick.net
3	c1.adform.net	3 redirects
2	a.sportradarserving.com	2 redirects
2	static-de.ad4mat.net	as.ad4m.at
2	secure.adnxs.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	tr.blismedia.com	1 redirects googleads.g.doubleclick.net
2	prod-rtb.ad4mat.net	ngconsulate.info
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.fr	pagead2.googlesyndication.com
1	rtb.openx.net	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	sync.mathtag.com	1 redirects
1	um.simpli.fi	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	ngconsulate.info
1	cdn.ckeditor.com	ngconsulate.info
1	ngconsulate.org	1 redirects
191	42

This site contains links to these domains. Also see Links.

Domain
ngspan.com

Subject Issuer	Validity	Valid
ngconsulate.info R3	`2022-12-07` - `2023-03-07`	3 months	crt.sh
cdn.ckeditor.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-14` - `2023-04-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.metaffiliation.com Gandi Standard SSL CA 2	`2022-03-07` - `2023-03-20`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://ngconsulate.info/
Frame ID: 0929EA44D38CA771A2427DF4089AC360
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20190131/zrt_lookup.html
Frame ID: F7B658F34868AAB1460B1EA54B3B362A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&adk=1812271804&adf=3025194257&lmt=1673182936&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fngconsulate.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182936223&bpp=13&bdt=832&idt=256&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2114748903895&frm=20&pv=2&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=278
Frame ID: 902405A9D6DDD5EDAC129E8C030DC86E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2369281301&pi=t.aa~a.165271594~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182936&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182936236&bpp=2&bdt=846&idt=273&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KBkXUoUi37&p=https%3A//ngconsulate.info&dtd=277
Frame ID: 92D80EC6ED84A4B38B836DB19837B0FD
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31
Frame ID: 6B7F47083FBFFD33D70CC42452820717
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=8B1TT5EJOM&p=https%3A//ngconsulate.info&dtd=36
Frame ID: 9A809177E797228AE0079F874A1A8EF6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=istSBDQOoZ&p=https%3A//ngconsulate.info&dtd=39
Frame ID: 0F4A53982F0F344CE7351B7BAF5017BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 340A302D6DCB69CB3EBA3470C97010E9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
Frame ID: 331C3F1BF6CA0CB5348D976B25298260
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7E7CA9D6F34D5021D007EEF5E2AC331C
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5630C1ABA8474BC5761C360BCC2397B8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1F1FB371A771745384CCA705A3A3CF58
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Frame ID: 535D75C6677C41A8D9158F1FC7A0A50C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Frame ID: 18884CD0660E5FC9C6A7DF693F819775
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C6_gC2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMQBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4BSzVaByfEZBLQJESgsyVEYsXUUGaxbpu2PwqaZfifAQiKpbrhqrIAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yOTEwMzU3OTgyNjUwNzg2GAA&sigh=qK1Uk8wxsNM&uach_m=[UACH]&cid=CAQSOwDq26N9db6OYzg2ZjfuLzmMQ2Zv6F30M29ZwxVcfzwgX-6c2M9MfLZs3wkh3VQOFGCAuRVMvh-hyGIzGAEgEw
Frame ID: 7548A335935CA579FF49AF214658E94A
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gjkm0bppwrf17jnb7dc8rj9webcq46strq7t30z71mpzwfq0td38g517wvqpf7y9rwkkqdb4t0bykxrnmhyc8amnsdzh42xcr93v8ak6he59vdmbm6fzmp32k7hqf7v6trt0ftk7yj46bc0s6rsfk83qx7z9vzng327nv2rs3s2hr0cm49ssay6nc607tzfs1p3fxpy6gnnt26drd3kp8yhyfxagtw2pqd0ng12b2evz26ayp3qr4wrq8gvcpg2gp9spzjhscfv513aykr0mge1300xe4mpkb1h5dh174qrh0ygw3hth8esymjkbvb6phqmgmrdrjx48dv6f5kssy076pweyqenfvfp9aatb29tgxcxy1qj71msg12fpv8m8e4r5btt700sdqd3kyhdhpqxwcqrsp4egt57hnnt0xwmqrkatdqncgg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%26client%3Dca-pub-2910357982650786%26adurl%3D
Frame ID: 184DBDAB6BB6D97745FF26FB4188A6AE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B1266B032C8693FA4D66AD7E1D34D0FC
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CUnro2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMQBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS_-xbl3iGrEctNIePOvUVnMRgxY1ZmSVLeIuUqBen4OYq5Q3ywjnYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yOTEwMzU3OTgyNjUwNzg2GAA&sigh=BTVFgrMTYXM&uach_m=[UACH]&cid=CAQSOwDq26N9sAzBBV5cwiGfO0Bnu9p67lQ869Z1DSnIJXqCmJdByVnQ5kNkoIlF2UA8kx6lYcCgoLhS62zuGAEgEw
Frame ID: E29AF883A634EEA7A830F54DD34B213A
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gpkva6h77jzd96zmsapknzv7sfs5f61404x8z9jmt4jt2kpmpzcdvv9b0tqgyggh13q0rw9p4360ws7a908xyseh5e67tcxkyv9t3br8xakkj5yg84sydkxfcbwq712jzc5mnx8sv2486hs2r29ka88q29y6mgg3jybmjbn5wrb44j1pe2j5jxeptbnbfaq17e5m3tma7crm2xc82jpb55f00hxfvfc3r6dxgn8vk6kcyj9gq5383bceceb8x0m5eywxps3kh9jf5z7cmkvn4cy30kenkhrbgd2v1xz2zrm4f2q3w3b38nj194zeeqxfme3vas7vj4qdtej5my38bwgddzvrx2tzr28x4gs2nnc19a884m7ze710gq0p02emwn4gt861nvftnvj7hgd59zy9r970r4hmdtam66j4sa1pj0qbzh42n0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%26client%3Dca-pub-2910357982650786%26adurl%3D
Frame ID: 45EFDA43C0C4687989FAF18CF9FBB98E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 43E23A0D14BB38295A37C76C0B426E9F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Frame ID: BD4997FB86663F968E864EF497B9205D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4320A465212977A89A9EDFC93DA0C230
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 925BA368C2ECDEE0718DFC1E12D2EDF0
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4DEEA7380209E270B27DF360EBCC9308
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Frame ID: 00D51A6BBEB710F7B62EC089699C02CA
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=2617a8664347670d910bdc57e9b1c5d4%2F12367089708772380523&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939226&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfnspbj050wjaa5pvkqe6cap5546n3yk5v1yaexg6vpvbry6vw34vxww4a540vkb628cqmpp1931wvt9bzn3f49vk4pcx7xk299z06qj2z1r49tv9q8mwfw19jeb14qnjmme14zqg8mx08nbmb27y5fmrq8ka2av1968cjxqm136gbjen81jhyyaz34z1pbgdz0qdgdmjpb6w0b6e64bvch5106rzhjykwh9kdvjfcbecctbg0vzg6tpstfcszfqbe0kjgzsh7j5vjw9310%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Frame ID: C17B0BDF71B8E563F6389D5825F93BBC
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=f5677ce786d22f35adfedbedc63751d2%2F17762484869054907174&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdgsp8j3kwf525agsdsesd8s0tfxhs3k2hkh147nghx09gd7bd88pat0ghpt5eec8247n2shaefz83nndch1tf8rtbp2xqg6sfw3gf9d38brk42ejctadj7vbnwg0dpp25r36850khrcn6d7npm0cx08cakkjgks5f738een5h6jbkrvd8hw1rhbzgfmntr9bawcnnbfagvczpsafca4hgzkrj2p3d2ejkh8a8fw13pbyaccwpqedngewejr57pp8v3gm600ryah6zh22n0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Frame ID: 3FD4F8D54A1D90111424D8C556A4ACD6
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7DC48A124D88E915B58626AC87C7BD8F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B89896D5716EAAE480D54146ECE8BC53
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ngConsulate : Integrated Information Portal

Page URL History Show full URLs

http://ngconsulate.org/ HTTP 301
https://ngconsulate.info/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

191
Requests

88 %
HTTPS

46 %
IPv6

33
Domains

42
Subdomains

27
IPs

7
Countries

3111 kB
Transfer

6771 kB
Size

38
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ngspan.com/
Title: cookie script

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ngconsulate.org/ HTTP 301
https://ngconsulate.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 84

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 126

https://um.simpli.fi/gp_match?google_gid=CAESENB6TrDSwSerDVIhwT6cfKw&google_cver=1&google_push=AavPq0N1M0ZsZW6lQKWOC7G4YMpvPqFXYtGNbK9YQGm6BJTKRJwYwA6X3Jlo58Y04Q6t0kmjrcCjiu8i0diiCOViRI4myQ1hOG5qql89vQjBEjDKyMZbekAMRMSeHhZpU98lAa1L8NoXA4gF_Po HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A5FDCCAC06824E0AA0938B253A16DB87&google_push=AavPq0N1M0ZsZW6lQKWOC7G4YMpvPqFXYtGNbK9YQGm6BJTKRJwYwA6X3Jlo58Y04Q6t0kmjrcCjiu8i0diiCOViRI4myQ1hOG5qql89vQjBEjDKyMZbekAMRMSeHhZpU98lAa1L8NoXA4gF_Po

Request Chain 128

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGsnaA12rAyDsTWW9ITveBQ&google_cver=1&google_push=AavPq0OS5SOFG3bl4Rcx1JG1Zks__s2y_alYNbqfiAncx8PldB6XiPu9GtEU4L2bQT8d9nkWO8pLjI2ggVMAuTHHDqIQEYs5qvdXI0i5rEy1I-XQTXOexw8ofs5Q4vqgfiveqWKHI_ZJGDxA_g HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGsnaA12rAyDsTWW9ITveBQ&google_cver=1&google_push=AavPq0OS5SOFG3bl4Rcx1JG1Zks__s2y_alYNbqfiAncx8PldB6XiPu9GtEU4L2bQT8d9nkWO8pLjI2ggVMAuTHHDqIQEYs5qvdXI0i5rEy1I-XQTXOexw8ofs5Q4vqgfiveqWKHI_ZJGDxA_g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA4NjcyMTI5MTE4ODQ0NTM0Nw&google_push=AavPq0OS5SOFG3bl4Rcx1JG1Zks__s2y_alYNbqfiAncx8PldB6XiPu9GtEU4L2bQT8d9nkWO8pLjI2ggVMAuTHHDqIQEYs5qvdXI0i5rEy1I-XQTXOexw8ofs5Q4vqgfiveqWKHI_ZJGDxA_g

Request Chain 129

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM8xVE53kfvIS6VYWmVAjOE&google_cver=1&google_push=AavPq0NHeceB9X-b6zwKqN8toRNADTaUjbANBugitHP2ZegRfEeRp_jGVgLHID0cAWZms0zjUJ-I4X7zLM7rrc52SkHbHFUknrFB6X66GgQhOY_mVQJC9KiTntW_4iDO2zhExvbbTV9yPYdlsmc HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEM8xVE53kfvIS6VYWmVAjOE&google_push=AavPq0NHeceB9X-b6zwKqN8toRNADTaUjbANBugitHP2ZegRfEeRp_jGVgLHID0cAWZms0zjUJ-I4X7zLM7rrc52SkHbHFUknrFB6X66GgQhOY_mVQJC9KiTntW_4iDO2zhExvbbTV9yPYdlsmc&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM8xVE53kfvIS6VYWmVAjOE&google_hm=Y7q-2xBr1cXRACbFG4_XxAAAFB0AAAAB&google_nid=index&google_push=AavPq0NHeceB9X-b6zwKqN8toRNADTaUjbANBugitHP2ZegRfEeRp_jGVgLHID0cAWZms0zjUJ-I4X7zLM7rrc52SkHbHFUknrFB6X66GgQhOY_mVQJC9KiTntW_4iDO2zhExvbbTV9yPYdlsmc

Request Chain 130

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEHBkppfgrVlUVj-Tkj_a5iY&google_cver=1&google_push=AavPq0NntCN9w8h4zbK2d0yZ8iD2dL8_Eojuzou4seLnLQPSJ369uhVQSQ9U4fwLkIrbySxvz2JX_8IFAsHiermZNC7nyB1CWpMp876wHr-Px4GAgUwa1eg9yKbKocoDt1YLLxL_m01ByiNo8r8 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0NntCN9w8h4zbK2d0yZ8iD2dL8_Eojuzou4seLnLQPSJ369uhVQSQ9U4fwLkIrbySxvz2JX_8IFAsHiermZNC7nyB1CWpMp876wHr-Px4GAgUwa1eg9yKbKocoDt1YLLxL_m01ByiNo8r8&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1673182938996 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-eabbfd51-1285-494d-866e-d1e291906b83-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0NntCN9w8h4zbK2d0yZ8iD2dL8_Eojuzou4seLnLQPSJ369uhVQSQ9U4fwLkIrbySxvz2JX_8IFAsHiermZNC7nyB1CWpMp876wHr-Px4GAgUwa1eg9yKbKocoDt1YLLxL_m01ByiNo8r8%26google_hm%3DA-q7_VEShUlNhm7R4pGQa4M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NntCN9w8h4zbK2d0yZ8iD2dL8_Eojuzou4seLnLQPSJ369uhVQSQ9U4fwLkIrbySxvz2JX_8IFAsHiermZNC7nyB1CWpMp876wHr-Px4GAgUwa1eg9yKbKocoDt1YLLxL_m01ByiNo8r8&google_hm=A-q7_VEShUlNhm7R4pGQa4M

Request Chain 131

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJmOVpZb8GDbNluu5gEDi5c&google_cver=1&google_push=AavPq0OZqwOz6OH0OKQ-H6d-UVktDooEP9jw4zli8RbWwrcAAzhT782AaALGtmz2UEZGlrCPV_sbFKWQnSA2j701YeJ5o22cOu3xSzpj1Z4IYQRTHo7szOXXGQB8qhjRivE7xCFoqw6UfKihW6M HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJmOVpZb8GDbNluu5gEDi5c&google_cver=1&google_push=AavPq0OZqwOz6OH0OKQ-H6d-UVktDooEP9jw4zli8RbWwrcAAzhT782AaALGtmz2UEZGlrCPV_sbFKWQnSA2j701YeJ5o22cOu3xSzpj1Z4IYQRTHo7szOXXGQB8qhjRivE7xCFoqw6UfKihW6M&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01Y0xaZTR4RTJ1SEVYZ0ZQSDFjWDNxMklTRzJuZk5uMn5B&google_push=AavPq0OZqwOz6OH0OKQ-H6d-UVktDooEP9jw4zli8RbWwrcAAzhT782AaALGtmz2UEZGlrCPV_sbFKWQnSA2j701YeJ5o22cOu3xSzpj1Z4IYQRTHo7szOXXGQB8qhjRivE7xCFoqw6UfKihW6M

Request Chain 132

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEV9u8R6ErqOt6HrW8etzQM&google_cver=1&google_push=AavPq0M0hVRSrYE4qZ4WiCcxoPACvXxszdaR8vHsFCGWCAcVWGMVB04tEG6U2DUWa3dtmHKvLvUM73V2-8ZWC6-qVB1eM7RhHZyKdnlpLJ2mBQDspIrJpibD5mnmsqmaBZu8nXPrdWkQLftIAIdC HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEEV9u8R6ErqOt6HrW8etzQM%26google_cver%3D1%26google_push%3DAavPq0M0hVRSrYE4qZ4WiCcxoPACvXxszdaR8vHsFCGWCAcVWGMVB04tEG6U2DUWa3dtmHKvLvUM73V2-8ZWC6-qVB1eM7RhHZyKdnlpLJ2mBQDspIrJpibD5mnmsqmaBZu8nXPrdWkQLftIAIdC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTEwOTEwNjY0MzM3NTk0OTI5MA%3D%3D&google_gid=CAESEEV9u8R6ErqOt6HrW8etzQM&google_cver=1&google_push=AavPq0M0hVRSrYE4qZ4WiCcxoPACvXxszdaR8vHsFCGWCAcVWGMVB04tEG6U2DUWa3dtmHKvLvUM73V2-8ZWC6-qVB1eM7RhHZyKdnlpLJ2mBQDspIrJpibD5mnmsqmaBZu8nXPrdWkQLftIAIdC

Request Chain 134

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEK-IoNSuZZqDojdFmGkGTvY&google_cver=1&google_push=AavPq0PFmXJl7AQKzo-M1veqqzMhBq2CxnP3Gjdhrh5JlgqT2f97luP_FNCCwxyTiG8fhLNrO87CzcaQdbITeCbjFWx-BuF2AhVDcsM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PFmXJl7AQKzo-M1veqqzMhBq2CxnP3Gjdhrh5JlgqT2f97luP_FNCCwxyTiG8fhLNrO87CzcaQdbITeCbjFWx-BuF2AhVDcsM

Request Chain 135

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPke1F2sv6gkHWTLdM9uzVo&google_cver=1&google_push=AavPq0MVWCkl-aM-xMID4botmyM9Cx25GtzQHRsiRDWOJpk168yQss57ftsISIL6HpUNS3vrddtPko-b4ujtG2zkXxX8Riw8YRlwNZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPke1F2sv6gkHWTLdM9uzVo&google_push=AavPq0MVWCkl-aM-xMID4botmyM9Cx25GtzQHRsiRDWOJpk168yQss57ftsISIL6HpUNS3vrddtPko-b4ujtG2zkXxX8Riw8YRlwNZU

Request Chain 137

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPLwqt1YYmgDuKOHq1e8Zq0&google_cver=1&google_push=AavPq0NrvXcMka5NVb3z1F_PJ1Qz21MCZkBZt3vX223uC7yqdrEJj6urOh1hGKILURZTmbzZl4ZOoVVYUAs1keo4t362PPkJKDQIpbE HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPLwqt1YYmgDuKOHq1e8Zq0&google_cver=1&google_push=AavPq0NrvXcMka5NVb3z1F_PJ1Qz21MCZkBZt3vX223uC7yqdrEJj6urOh1hGKILURZTmbzZl4ZOoVVYUAs1keo4t362PPkJKDQIpbE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NrvXcMka5NVb3z1F_PJ1Qz21MCZkBZt3vX223uC7yqdrEJj6urOh1hGKILURZTmbzZl4ZOoVVYUAs1keo4t362PPkJKDQIpbE&google_hm=R49R0mlDRGSD3aY1b14qGQ==

Request Chain 138

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO87niHudui8OJCQOouRmuQ&google_cver=1&google_push=AavPq0OoL_2wH137Jo5ploqL3KN09eqqPlY6ZzJIFmYFHOjSV2ubUOKjgA9qFoOB6Nu4-DrT4PD-w59uzdRW72lNrIySm3rtBVW75Ps HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEO87niHudui8OJCQOouRmuQ&google_push=AavPq0OoL_2wH137Jo5ploqL3KN09eqqPlY6ZzJIFmYFHOjSV2ubUOKjgA9qFoOB6Nu4-DrT4PD-w59uzdRW72lNrIySm3rtBVW75Ps&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO87niHudui8OJCQOouRmuQ&google_hm=Y7q-2xBr1cXRACbFG4_XxAAAFB0AAAAB&google_nid=index&google_push=AavPq0OoL_2wH137Jo5ploqL3KN09eqqPlY6ZzJIFmYFHOjSV2ubUOKjgA9qFoOB6Nu4-DrT4PD-w59uzdRW72lNrIySm3rtBVW75Ps

Request Chain 139

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI_8k-x8Nx4Lfd7-jlxqQdI&google_cver=1&google_push=AavPq0O_dbl2z_oVxxcaEyw9xlLt6lOXiS5OaX-H0Rti8AFCoaZ3ECF-jYbgCGmXgqI_FJR7o-DCrQeD7nmLXZqnMVVZTatBxvi29_w HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0O_dbl2z_oVxxcaEyw9xlLt6lOXiS5OaX-H0Rti8AFCoaZ3ECF-jYbgCGmXgqI_FJR7o-DCrQeD7nmLXZqnMVVZTatBxvi29_w&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1673182938995 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-eabbfd51-1285-494d-866e-d1e291906b83-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0O_dbl2z_oVxxcaEyw9xlLt6lOXiS5OaX-H0Rti8AFCoaZ3ECF-jYbgCGmXgqI_FJR7o-DCrQeD7nmLXZqnMVVZTatBxvi29_w%26google_hm%3DA-q7_VEShUlNhm7R4pGQa4M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0O_dbl2z_oVxxcaEyw9xlLt6lOXiS5OaX-H0Rti8AFCoaZ3ECF-jYbgCGmXgqI_FJR7o-DCrQeD7nmLXZqnMVVZTatBxvi29_w&google_hm=A-q7_VEShUlNhm7R4pGQa4M

Request Chain 140

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBEw4QNS-SzzIm15BpJtqOU&google_cver=1&google_push=AavPq0MG1E9aanQznNU32iibTY0PW2FKSCsvVZd_0o5RDGVDJEqRuNbGR0ln7CTQcE3S8_IbcKlWWolC0uSVOS0s_fHqdmyY02Jp_Bm0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MG1E9aanQznNU32iibTY0PW2FKSCsvVZd_0o5RDGVDJEqRuNbGR0ln7CTQcE3S8_IbcKlWWolC0uSVOS0s_fHqdmyY02Jp_Bm0 HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 152

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOtt684Gsq6eWYmakNiGkGI&google_cver=1&google_push=AavPq0NYJPH9L8ioESihTQyAJhtU9utJEwA3fT-NCZTBoYRcmD4nTG-FDCMJVIaBm_IMLG0rDJ9Xd4k1gOFRMrFrgwD2okHUY_DplrI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ2MDEzODA1MjkxMjQwNDkzNg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOtt684Gsq6eWYmakNiGkGI&google_cver=1

Request Chain 153

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPxBEQ2-4oUNw8hRDBq4sgw&google_cver=1&google_push=AavPq0PEKAQRRktBogrgEufj3IQZNRDDEeM2ngqUhoyIzH9nutKbnuQzDJPbJhgUskbeR0bsiR0_WmBEn9-hWmr2kjk_SustHcSWH4I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0PEKAQRRktBogrgEufj3IQZNRDDEeM2ngqUhoyIzH9nutKbnuQzDJPbJhgUskbeR0bsiR0_WmBEn9-hWmr2kjk_SustHcSWH4I&google_hm=VvIjo_tMTYe4c7no6q7bKG0

Request Chain 154

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDOyRZAPJ96zrdtZwxqvXmE&google_cver=1&google_push=AavPq0NJ670COAAJ0WaXJYzPtSVEz4sqnOjwJYiV3COfl0_9Ttpgyav47uHsIw8JoIX_cJQeNA0-MFX32UgfRs-6E_WbTqYCtCGgvg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AavPq0NJ670COAAJ0WaXJYzPtSVEz4sqnOjwJYiV3COfl0_9Ttpgyav47uHsIw8JoIX_cJQeNA0-MFX32UgfRs-6E_WbTqYCtCGgvg&google_hm=hmO6vtricorhUX6k2Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63BABEDAE2728AE1517EA4D9BLIS

Request Chain 155

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGon-QwC5B7JscUOU4G1dws&google_cver=1&google_push=AavPq0P1euWY5l-kwDMIbtxdPLH_a1Tn6c1V1Un8du9zNMGrlSkegkd68wPn04-xN9ZhJ7lzZiqohWTtrzPIJTBxun3JH81Tpkdv6PA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGon-QwC5B7JscUOU4G1dws&google_cver=1&google_push=AavPq0P1euWY5l-kwDMIbtxdPLH_a1Tn6c1V1Un8du9zNMGrlSkegkd68wPn04-xN9ZhJ7lzZiqohWTtrzPIJTBxun3JH81Tpkdv6PA HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=7134391e-c72e-4c78-b3bf-3af209869696&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0P1euWY5l-kwDMIbtxdPLH_a1Tn6c1V1Un8du9zNMGrlSkegkd68wPn04-xN9ZhJ7lzZiqohWTtrzPIJTBxun3JH81Tpkdv6PA&google_hm=R49R0mlDRGSD3aY1b14qGQ==

Request Chain 156

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEModAGV_rdu0u9EMK4i6Qtw&google_cver=1&google_push=AavPq0PSi4917s7jNrRmfdkgK1UeZyTLcA_loSULgPamPgeLSsZPXNe_tFt664NsC4Z1WmYxS0u6zKoE4yJiqeHmzksayuOQcGlXDNU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjcwMTA3NjQ0MzA5NDMyNzE4Mw&google_push=AavPq0PSi4917s7jNrRmfdkgK1UeZyTLcA_loSULgPamPgeLSsZPXNe_tFt664NsC4Z1WmYxS0u6zKoE4yJiqeHmzksayuOQcGlXDNU

Request Chain 158

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPUpecnZ1eG8t2ua6vXOLXk&google_cver=1&google_push=AavPq0NcGvF4DQis5ymF4Dkn7vL7XdjJK0bX5II1v1EC7RrURrNbU11LaswpTOOm3ZceqAdQd8fuRDI4z1LFJYcbqsMC_Fzld3n- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NcGvF4DQis5ymF4Dkn7vL7XdjJK0bX5II1v1EC7RrURrNbU11LaswpTOOm3ZceqAdQd8fuRDI4z1LFJYcbqsMC_Fzld3n-

Request Chain 175

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

Request Chain 178

https://action.metaffiliation.com/trk.php?maff=P4BF3F56C8631B7&argsite=oneidR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7oneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/1/48959/img_11_7_24.gif

Request Chain 185

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

Request Chain 188

https://action.metaffiliation.com/trk.php?maff=P4BF3F56C8631B7&argsite=oneidR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7oneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/1/48959/img_11_7_24.gif

191 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ngconsulate.info/
Redirect Chain

http://ngconsulate.org/
https://ngconsulate.info/

39 KB
8 KB

1027ms
287ms

Document
text/html

103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 805ea03019f04291bba99ec8b18ba48260852c5fed12cea82cdfe0b1b0207780

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 7799
Content-Type: text/html; charset=UTF-8
Date: Sun, 08 Jan 2023 13:02:15 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
Vary: Accept-Encoding,User-Agent

Redirect headers

Connection: Keep-Alive
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 08 Jan 2023 13:02:14 GMT
Keep-Alive: timeout=5, max=100
Location: https://ngconsulate.info/
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips

GET
H/1.1 200
OK bootstrap.min.css
ngconsulate.info/themes/default/assets/bootstrap/css/ 115 KB
19 KB 112ms
111ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/bootstrap/css/bootstrap.min.css
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 889087766998e260a22f5c5ccbc7f2e03b168c780bcd7a922b66581241a3ecad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Jun 2021 03:38:06 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1caa7-5c4d9d18a4380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19287

GET
H/1.1 200
OK font-awesome.css
ngconsulate.info/themes/default/assets/font-awesome/css/ 32 KB
7 KB 322ms
107ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/font-awesome/css/font-awesome.css
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "7e3e-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6423

GET
H/1.1 200
OK select2.min.css
ngconsulate.info/themes/default/assets/plugins/select2/ 15 KB
2 KB 322ms
108ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/plugins/select2/select2.min.css
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 6657a7d3ac4506ce3b0ca9234df4f63b6bff8e94e92f21f9d77921b166fc6925

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "3a3d-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1920

GET
H/1.1 200
OK _all-skins.min.css
ngconsulate.info/themes/default/assets/dist/css/skins/ 41 KB
4 KB 328ms
111ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/dist/css/skins/_all-skins.min.css
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 4736672260ab0cf94ad37de85f33a0c5aeb75d70320fc6480956680a1ef41f31

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "a554-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3301

GET
H2 200 ckeditor.js Show response
cdn.ckeditor.com/4.5.2/full/ 542 KB
161 KB 183ms
38ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ckeditor.com/4.5.2/full/ckeditor.js

Requested by

Host: ngconsulate.info
URL: https://ngconsulate.info/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

vip1.G-anycast1.cachefly.net

Software

CFS 0215 /

Resource Hash

89966b7626c91cec9320b8ce54ae79db5de05e602b578475fd748e0ea042c35d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:15 GMT
x-cf-tsc: 1673005798
x-content-type-options: nosniff
x-cf3: H
cf4ttl: 604800.000
content-encoding: gzip
x-cf1: 28810:fB.waw1:co:1663772073:cacheN.waw1-01:M
x-cf-reqid: 7c5ea4c10a6f94c080b92ea2ad2c0286
content-length: 164316
x-xss-protection: 1; mode=block
x-cf2: H
last-modified: Tue, 04 Aug 2015 13:14:26 GMT
server: CFS 0215
x-cff: B
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cf4age: 1524005
accept-ranges: bytes
x-cf-rand: 99.811
expires: Mon, 26 Dec 2022 18:30:32 GMT

GET
H/1.1 200
OK hover.css
ngconsulate.info/themes/default/assets/dist/css/ 102 KB
7 KB 327ms
110ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/dist/css/hover.css
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 685454498ab464c992327759a925959c1360d694f00f18f7fc951c7abd63c0a9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1971f-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7203

GET
H/1.1 200
OK custom.css
ngconsulate.info/themes/default/assets/dist/css/ 40 KB
7 KB 327ms
110ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/dist/css/custom.css
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: c6d209ce80af1a13e14a1d75f7311497df5f97de026bfa12295186dffdfdb1f5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:15 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Oct 2021 22:47:08 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "9fa1-5cf99b938b300-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7222

GET
H/1.1 200
OK jQuery-2.1.4.min.js Show response
ngconsulate.info/themes/default/assets/plugins/jQuery/ 82 KB
29 KB 434ms
112ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/plugins/jQuery/jQuery-2.1.4.min.js
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "14979-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 29532

GET
H/1.1 200
OK jquery.inputmask.js Show response
ngconsulate.info/themes/default/assets/plugins/input-mask/ 88 KB
16 KB 435ms
113ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/plugins/input-mask/jquery.inputmask.js
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a69d282071d6718929c2115e5220aeb7537c3affe7a04ee35ae814eac245574c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "161ab-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 15666

GET
H/1.1 200
OK jquery.inputmask.date.extensions.js Show response
ngconsulate.info/themes/default/assets/plugins/input-mask/ 22 KB
3 KB 442ms
114ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/plugins/input-mask/jquery.inputmask.date.extensions.js
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 14e8ff6d39adcaf4db1b200db29915a4a00744f27fd10614ef6f49949f534edc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "591e-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2827

GET
H/1.1 200
OK jquery.inputmask.extensions.js Show response
ngconsulate.info/themes/default/assets/plugins/input-mask/ 5 KB
2 KB 441ms
112ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/plugins/input-mask/jquery.inputmask.extensions.js
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a58091f89f887419568e3fb01d7af0345757db9c225040f1493a4238ad161b0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "14c3-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1197

GET
H/1.1 200
OK custom_css
ngconsulate.info/ 24 KB
5 KB 443ms
226ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/custom_css
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips / PHP/5.6.37
Resource Hash: ed1fbe4800e97ebd652fd31fa81abd059e689c1716c56afc1c8dac008a38ac79

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Jan 2023 13:02:15 GMT
Content-Encoding: gzip
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.6.37
Vary: Accept-Encoding,User-Agent
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 4422
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
78 KB 173ms
69ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-899ZSPX9TL

Requested by

Host: ngconsulate.info
URL: https://ngconsulate.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe30d65ddb77b6501f219a748767783a0bfdfecf047f02d19b0c8cd3496ab5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79041
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 08 Jan 2023 13:02:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 172ms
94ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ngconsulate.info
URL: https://ngconsulate.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d64fc88f3be38276c42484506ea81198c9c9d7d380352e260d469d8be84cef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49985
x-xss-protection: 0
server: cafe
etag: 18049939552483979096
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 08 Jan 2023 13:02:16 GMT

GET
H/1.1 200
OK title_logo_consulate.png
ngconsulate.info/uploads/ 2 KB
2 KB 151ms
106ms Image
image/png 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngconsulate.info/uploads/title_logo_consulate.png
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 7514e870eafdd8e44f2d4e0a190114fa83790944b44a8d85bf603ffab48e9283

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:16 GMT
Last-Modified: Mon, 14 Dec 2020 00:41:52 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "7bb-5b661e87ad400"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1979

GET
H/1.1 200
OK bootstrap.min.js Show response
ngconsulate.info/themes/default/assets/bootstrap/js/ 35 KB
10 KB 112ms
112ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/bootstrap/js/bootstrap.min.js
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 267a83092a5fd6ec5fb746bce12d440abd37f1d649c072f653e17d0c800eb647

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "8c6f-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9539

GET
H/1.1 200
OK select2.full.min.js Show response
ngconsulate.info/themes/default/assets/plugins/select2/ 70 KB
20 KB 112ms
111ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/plugins/select2/select2.full.min.js
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 4b43924b55481613b8536446f4fe4ad13b80a63f265ba25830614555b08d68fc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "11604-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 20119

GET
H/1.1 200
OK moment.min.js Show response
ngconsulate.info/themes/default/assets/plugins/daterangepicker/ 34 KB
12 KB 117ms
110ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/plugins/daterangepicker/moment.min.js
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 0a3bb1e382060c6999c26faac38aed7e3d6cc03f7376a9a36b881a7e5ba923ca

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "87b1-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 11869

GET
H/1.1 200
OK daterangepicker.js Show response
ngconsulate.info/themes/default/assets/plugins/daterangepicker/ 52 KB
10 KB 120ms
112ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/plugins/daterangepicker/daterangepicker.js
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 9730fbde9ce805bcadb096de2dd86e0205dd5a87b3ab6b0433e65873d63d428c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "d1af-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9373

GET
H/1.1 200
OK bootstrap-timepicker.min.js Show response
ngconsulate.info/themes/default/assets/plugins/timepicker/ 15 KB
4 KB 117ms
110ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/plugins/timepicker/bootstrap-timepicker.min.js
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: dc57a413d6bfd7f70b10453e990af4389e9e6f08c2b58aa30097d855e6260f52

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "3c5d-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3494

GET
H/1.1 200
OK icheck.min.js Show response
ngconsulate.info/themes/default/assets/plugins/iCheck/ 4 KB
2 KB 118ms
111ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/plugins/iCheck/icheck.min.js
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "11a4-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2161

GET
H/1.1 200
OK jquery.slimscroll.min.js Show response
ngconsulate.info/themes/default/assets/plugins/slimScroll/ 6 KB
2 KB 111ms
110ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/plugins/slimScroll/jquery.slimscroll.min.js
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: f7534a3e962da708c7b8a3b5f122669e4688a1c17f86e9fdb1b2684edca4f351

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1856-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2062

GET
H/1.1 200
OK fastclick.min.js Show response
ngconsulate.info/themes/default/assets/plugins/fastclick/ 9 KB
3 KB 109ms
109ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/plugins/fastclick/fastclick.min.js
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 32c983a4b3b87d8f7eafa40840c8791351a593c869a3029d8b7356a8cf6d2a94

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "2248-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2831

GET
H/1.1 200
OK app.min.js Show response
ngconsulate.info/themes/default/assets/dist/js/ 9 KB
3 KB 111ms
110ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/dist/js/app.min.js
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a103c9f033863dc4bfd397f87a47fc652b7d6c8fb3278e2bdb0f30c963601d99

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "2402-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2863

GET
H/1.1 200
OK imagelightbox.js Show response
ngconsulate.info/themes/default/assets/dist/js/ 9 KB
3 KB 111ms
111ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/dist/js/imagelightbox.js
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 55a32cd3aa02ede12a27bff30307abee7970cbc2f0e3410ef14176d09a1db15e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "25d4-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2488

GET
H/1.1 200
OK custom_js Show response
ngconsulate.info/ 16 KB
17 KB 187ms
186ms Script
text/style 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/custom_js
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips / PHP/5.6.37
Resource Hash: 3fab0dff5d79100c0c603a9089193256d0506d8a32c8ff383e2f972308d7f7e9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Jan 2023 13:02:16 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.6.37
Vary: User-Agent
Transfer-Encoding: chunked
Content-Type: text/style;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK cookieinfo.js Show response
ngconsulate.info/scripts/ 7 KB
3 KB 110ms
109ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/scripts/cookieinfo.js
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: c16ce1c562a94558b9ef3c5047912c52b7d7864ba3198d39fafb8eaf87ccfa56

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Nov 2021 22:02:28 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1dc9-5d0daf6f12500-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2984

GET
H/1.1 200
OK fontawesome-webfont.woff2
ngconsulate.info/themes/default/assets/font-awesome/fonts/ 63 KB
63 KB 155ms
106ms Font
font/woff2 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngconsulate.info/themes/default/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/themes/default/assets/font-awesome/css/font-awesome.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer: https://ngconsulate.info/themes/default/assets/font-awesome/css/font-awesome.css
Origin: https://ngconsulate.info
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:16 GMT
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "fbd0-56f6c65a4bf00"
Vary: User-Agent
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 64464

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 356 KB
117 KB 97ms
93ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2910357982650786&plah=ngconsulate.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d56d907e773c9e86756412e940b205a4deb60af81fec27e264df00c0ae622a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119962
x-xss-protection: 0
server: cafe
etag: 7461371648785590513
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 08 Jan 2023 13:02:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230104/r20190131/ Frame F7B6 10 KB
5 KB 81ms
24ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngconsulate.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 76427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 15:48:29 GMT
etag: 10353107486223812946
expires: Sat, 21 Jan 2023 15:48:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 69ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-899ZSPX9TL&gtm=2oe120&_p=297849995&cid=1854583625.1673182936&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673182936&sct=1&seg=0&dl=https%3A%2F%2Fngconsulate.info%2F&dt=ngConsulate%20%3A%20Integrated%20Information%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-899ZSPX9TL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ngconsulate.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
700 B 187ms
59ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ngconsulate.info&callback=_gfp_s_&client=ca-pub-2910357982650786&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2910357982650786&plah=ngconsulate.info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af4432353a110afc8d2d6a81d80f613ef4aee927b1297e990acca4f70b955434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
538 B 107ms
35ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=ngconsulate.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 106ms
34ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ngconsulate.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 125ms
124ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fngconsulate.info%2F&tn=DIV&cls=cookieinfo&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: ngconsulate.info
URL: https://ngconsulate.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9024 376 KB
62 KB 990ms
939ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&adk=1812271804&adf=3025194257&lmt=1673182936&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fngconsulate.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182936223&bpp=13&bdt=832&idt=256&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2114748903895&frm=20&pv=2&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=278

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3708ffb52b47f8fcf44e26a22fc4117d70325d9e13c6cd4f3e58f5e67ab3d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngconsulate.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 63323
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 13:02:17 GMT
expires: Sun, 08 Jan 2023 13:02:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 92D8 92 KB
33 KB 920ms
880ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2369281301&pi=t.aa~a.165271594~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182936&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182936236&bpp=2&bdt=846&idt=273&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KBkXUoUi37&p=https%3A//ngconsulate.info&dtd=277

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4be90615fe21072f732aab53daa3e03dc9a989b7fbd74a3aeeb1327dd76d3b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngconsulate.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33252
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 13:02:17 GMT
expires: Sun, 08 Jan 2023 13:02:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 69c1ef8cd6705b780c90575bfa06206f.js Show response
www.gstatic.com/mysidia/ Frame 92D8 9 KB
5 KB 84ms
25ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/69c1ef8cd6705b780c90575bfa06206f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2369281301&pi=t.aa~a.165271594~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182936&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182936236&bpp=2&bdt=846&idt=273&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KBkXUoUi37&p=https%3A//ngconsulate.info&dtd=277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e00330427c51aa6054ec3c96952fedc0afb22033164411791fbbe67c2ecf5838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4241
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 20:50:36 GMT

GET
H2 200 5068746d5b69c1ca0f802cf7a5a1468f.js Show response
www.gstatic.com/mysidia/ Frame 92D8 10 KB
4 KB 85ms
27ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5068746d5b69c1ca0f802cf7a5a1468f.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaea51174ff3e7fd1f3491dac0f8d87002bf1acfb3e6ff7b7c6d67632118b84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4491
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 20:50:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 92D8 8 KB
1 KB 169ms
62ms Stylesheet
text/css 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Jan 2023 13:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 Jan 2023 11:08:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Jan 2023 13:02:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 92D8 2 KB
765 B 85ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 20:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 20:47:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame 92D8 22 KB
9 KB 111ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 09:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8895
x-xss-protection: 0
server: cafe
etag: 5139089157766378523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 09:40:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 92D8 3 KB
1 KB 87ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 08:15:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 08:15:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 92D8 18 KB
7 KB 118ms
32ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 20:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 20:47:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92D8 156 KB
48 KB 107ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:02:17 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 92D8 34 KB
14 KB 82ms
25ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 20:17:57 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 150 KB
51 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2b67b020b7a158710aff20f39cec035625e8b1e33836c2e06e3875cae6d3bd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52349
x-xss-protection: 0
server: cafe
etag: 12502017879707940035
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Jan 2023 13:02:17 GMT

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 93ms
36ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=ngconsulate.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 91ms
37ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ngconsulate.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B7F 91 KB
32 KB 1088ms
1087ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e205bae06d3af5dc576a991893b789e0af2e8044291e9c3c99014199b74336a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngconsulate.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33190
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 13:02:18 GMT
expires: Sun, 08 Jan 2023 13:02:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A80 31 KB
12 KB 585ms
584ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=8B1TT5EJOM&p=https%3A//ngconsulate.info&dtd=36

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a13b786dd108e561a82b2c69d252ac46d5fe9fcdd31de53cf9fc183d8bbc7cf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngconsulate.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12737
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 13:02:18 GMT
expires: Sun, 08 Jan 2023 13:02:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0F4A 31 KB
12 KB 687ms
686ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=istSBDQOoZ&p=https%3A//ngconsulate.info&dtd=39

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3f68c7830fc572473df47f5ef1f149be2141822299a6a7c316cf51460e90449

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngconsulate.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12366
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 13:02:18 GMT
expires: Sun, 08 Jan 2023 13:02:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 92D8 0
0 73ms
72ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkK9z2L66Y_u1I8zAzQa8iorAAp7Ama9uj-_ClsEQscCsiJQOEAEgyv7WhwFg-wGgAbeYgaIoyAEBqQJ9U5p-S9d6PqgDAcgDywSqBN0BT9A29uo6ZIFLmUnYK-bAeVcqJvNZDCwUnH1ciQRY0JWj26nFOImu5UtWbfHHoolGodIynPEDVUTeKENBiB7ThIYCni9oIFMwVxEg8kh9jjA0PSdZPTdW2eTCxIwlMxnl9MxfszhJUrVb4m5GZKWNkl_MBMV1GiN2aYn6oCbEL89TnqZTurQmqQPa8YB8P_FK2x8slSU5VDXrhAaroS4DH5fATX2y1-eUGu8G7LvY_mr4Ci4ejWVcRW5B5gV2m6w1yCLuFWektc6gayAZiJ2WYf__jE9Bjf6WbhO0SLbABP3z69GHBJIFBAgEGAGSBQQIBRgEgAeepbTLA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEImbAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQB0BUBgBcBshccChoIABIUcHViLTI5MTAzNTc5ODI2NTA3ODYYAA&sigh=RuC4Dkm-gPU&uach_m=[UACH]&cid=CAQSGwDq26N9HJf8A0zkpMzMM4ednJShIyylrpzfkhgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2369281301&pi=t.aa~a.165271594~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182936&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182936236&bpp=2&bdt=846&idt=273&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KBkXUoUi37&p=https%3A//ngconsulate.info&dtd=277
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 08 Jan 2023 13:02:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 08 Jan 2023 13:02:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 340A 143 B
166 B 26ms
26ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2369281301&pi=t.aa~a.165271594~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182936&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182936236&bpp=2&bdt=846&idt=273&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KBkXUoUi37&p=https%3A//ngconsulate.info&dtd=277
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 12:45:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 92D8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a07391047ad1b4246cd972dd8ed09af7ce251a9adfd8c3a61c2e11e3101c2aca

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/ Frame 331C 10 KB
4 KB 25ms
24ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngconsulate.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 18421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 07:55:16 GMT
etag: 10353107486223812946
expires: Sun, 22 Jan 2023 07:55:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/ Frame 7E7C 10 KB
4 KB 35ms
34ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngconsulate.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 18421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 07:55:16 GMT
etag: 10353107486223812946
expires: Sun, 22 Jan 2023 07:55:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/ Frame 5630 10 KB
4 KB 36ms
35ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngconsulate.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 18421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 07:55:16 GMT
etag: 10353107486223812946
expires: Sun, 22 Jan 2023 07:55:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 69c1ef8cd6705b780c90575bfa06206f.js Show response
www.gstatic.com/mysidia/ Frame 331C 9 KB
4 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/69c1ef8cd6705b780c90575bfa06206f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e00330427c51aa6054ec3c96952fedc0afb22033164411791fbbe67c2ecf5838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4241
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 20:50:36 GMT

GET
H3 200 5068746d5b69c1ca0f802cf7a5a1468f.js Show response
www.gstatic.com/mysidia/ Frame 331C 10 KB
4 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5068746d5b69c1ca0f802cf7a5a1468f.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaea51174ff3e7fd1f3491dac0f8d87002bf1acfb3e6ff7b7c6d67632118b84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4491
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 20:50:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 331C 8 KB
895 B 144ms
66ms Stylesheet
text/css 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Jan 2023 13:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 Jan 2023 13:01:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Jan 2023 13:02:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 331C 2 KB
765 B 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 20:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 20:47:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame 331C 22 KB
9 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 09:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8895
x-xss-protection: 0
server: cafe
etag: 5139089157766378523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 09:40:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 331C 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 08:15:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 08:15:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 331C 18 KB
7 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 20:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 20:47:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 331C 156 KB
48 KB 105ms
50ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:02:17 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 331C 34 KB
14 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 20:17:57 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 92D8 28 KB
28 KB 85ms
25ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:35:41 GMT
x-content-type-options: nosniff
age: 228396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 21:35:41 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 7E7C 2 KB
765 B 24ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 20:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 20:47:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame 7E7C 22 KB
9 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 09:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8895
x-xss-protection: 0
server: cafe
etag: 5139089157766378523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 09:40:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 7E7C 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 08:15:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 08:15:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 7E7C 18 KB
7 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 20:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 20:47:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E7C 156 KB
48 KB 96ms
84ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:02:17 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 7E7C 34 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 20:17:57 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 340A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
35ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 13:02:18 GMT
expires: Sun, 08 Jan 2023 13:02:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 13:02:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 5630 8 KB
895 B 99ms
68ms Stylesheet
text/css 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Jan 2023 13:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 Jan 2023 11:05:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Jan 2023 13:02:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 5630 2 KB
765 B 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 20:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 20:47:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame 5630 22 KB
9 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 09:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8895
x-xss-protection: 0
server: cafe
etag: 5139089157766378523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 09:40:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 5630 3 KB
1 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 08:15:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 08:15:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 5630 18 KB
7 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 20:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 20:47:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5630 156 KB
48 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:02:17 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 5630 34 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 20:17:57 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1F1F 143 B
166 B 24ms
24ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 12:45:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1F1F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
45ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 13:02:18 GMT
expires: Sun, 08 Jan 2023 13:02:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 13:02:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 8889567164616721941
tpc.googlesyndication.com/daca_images/simgad/ Frame 7E7C 9 KB
9 KB 25ms
25ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8889567164616721941?w=180&h=360

Requested by

Host: ngconsulate.info
URL: https://ngconsulate.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823251540b87240b75d46e9be27c4fa867a4fa24d01dacfe6bad69a4cd5ae29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:44:06 GMT
x-content-type-options: nosniff
age: 1092
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9637
x-xss-protection: 0
last-modified: Sun, 08 Jan 2023 09:40:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 15 Jan 2023 12:44:06 GMT

GET
DATA 200
OK truncated
/ Frame 7E7C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1016d67757b734cb02c24695645c23f9601dbf9ffad0a5789e22c15a0f38bc63

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame 535D 36 KB
16 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: ngconsulate.info
URL: https://ngconsulate.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 12:39:09 GMT

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame 1888 36 KB
16 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: ngconsulate.info
URL: https://ngconsulate.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 12:39:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7E7C 0
17 B 70ms
70ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CN1MB2L66Y6rWJKiDiM0P1OGJ4AnIh6CrbuDzxc2fEZiltpWLAxABIMr-1ocBYPsBoAHcl_nqAsgBAagDAcgDywSqBNMBT9Dy44ft18I_ojeUfLrtdgACaF-txyBn8DH_ffRICG_hRQDEwhfietndj-Ee9XSPxUgJnEJkHKnp0BvgB8blUpuxrnBI86kWV-3-sL2y0nerRp49Bo-H1gKpaFNQS3BsSafjLJM1PdzEIT4qy832hM5W90XqZW4Pdp7bCBuhfLXAPDPoDKp7B0GpRg0YFPCTn1zSGVIZVKNOrerVbXEA7S20lapQI8QbAYybtiFpkMhJymJABjn_JC4z19i_yjvu10001ePJy6IS7SkFHMY_W20Gx8AEzvz5k5IEkgUECAQYAZIFBAgFGASgBgKAB4zohpUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQ9FfSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDogUAdAVAYAXAbIXHAoaCAASFHB1Yi0yOTEwMzU3OTgyNjUwNzg2GAA&sigh=jf48eehBQlE&uach_m=[UACH]&cid=CAQSGwDq26N9z0Xkuo58d7XK6HOQrRw64f7FWdK4nBgBIBM&vis=1

Requested by

Host: ngconsulate.info
URL: https://ngconsulate.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 08 Jan 2023 13:02:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7548 0
0 75ms
74ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6_gC2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMQBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4BSzVaByfEZBLQJESgsyVEYsXUUGaxbpu2PwqaZfifAQiKpbrhqrIAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yOTEwMzU3OTgyNjUwNzg2GAA&sigh=qK1Uk8wxsNM&uach_m=[UACH]&cid=CAQSOwDq26N9db6OYzg2ZjfuLzmMQ2Zv6F30M29ZwxVcfzwgX-6c2M9MfLZs3wkh3VQOFGCAuRVMvh-hyGIzGAEgEw

Requested by

Host: ngconsulate.info
URL: https://ngconsulate.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=8B1TT5EJOM&p=https%3A//ngconsulate.info&dtd=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 08 Jan 2023 13:02:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 7548 0
0 83ms
29ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kj1ewe2h7v7dsr3nk70x6fwkmn4afzavn0945n9yzzp9fbpnqgs61f18awxn3pyhzezjpkbv2nfnb7wyrvdxpjtc6whs4g8am72xfpa14k6y4x4pd0bpkf4c0ymqwwa79dppx68em00by3fqbpwywwjcn9b3vmnt0ahe28a0qmgkf2tj10ar3ah1g04pqbd1kc7a5j3t8vwwkktxx0kxsdz1pjtdr5b4sb9yr2npfzs5gk3k40srw50d22tn1x9t24we86ns3vd5ay3fbdv7wp9vsc66kcwnkgb9jb2hzntawmz6g2f2t4rx2wjhfdj2040adbc77v5yqx62y63hc6369290tm8gxdbgh7e5h6423zwdv54z7nd6dvjs340kw5a10ex78&b=Y7q-2QAJuvEK0z6DAAHR0S4BaQadhExSD6Vydg
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 08 Jan 2023 13:02:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 184D 2 KB
1 KB 107ms
49ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gjkm0bppwrf17jnb7dc8rj9webcq46strq7t30z71mpzwfq0td38g517wvqpf7y9rwkkqdb4t0bykxrnmhyc8amnsdzh42xcr93v8ak6he59vdmbm6fzmp32k7hqf7v6trt0ftk7yj46bc0s6rsfk83qx7z9vzng327nv2rs3s2hr0cm49ssay6nc607tzfs1p3fxpy6gnnt26drd3kp8yhyfxagtw2pqd0ng12b2evz26ayp3qr4wrq8gvcpg2gp9spzjhscfv513aykr0mge1300xe4mpkb1h5dh174qrh0ygw3hth8esymjkbvb6phqmgmrdrjx48dv6f5kssy076pweyqenfvfp9aatb29tgxcxy1qj71msg12fpv8m8e4r5btt700sdqd3kyhdhpqxwcqrsp4egt57hnnt0xwmqrkatdqncgg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%26client%3Dca-pub-2910357982650786%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=8B1TT5EJOM&p=https%3A//ngconsulate.info&dtd=36

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe43ab0de4de4d73c8e8f0dec4bbfae2b29c1f634cdb83df61c41db94468670a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78652076cb3a2a2f-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 13:02:18 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 7548 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 08:15:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 08:15:58 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B126 1 KB
643 B 25ms
24ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 12:50:08 GMT
etag: 48472445140208031
expires: Mon, 09 Jan 2023 12:50:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 7548 18 KB
7 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 20:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 20:47:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7548 0
0 86ms
32ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFBLNfOREnoMoFPiIvYjpm0hsiUutfbMPezQpcunKkL6uq8lLRxoq1DPM2wz2v8V311tPLFlTF1NpOWF-d8fojZrwdeA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=8B1TT5EJOM&p=https%3A//ngconsulate.info&dtd=36
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7548 156 KB
48 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:02:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E29A 0
0 70ms
69ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUnro2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMQBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS_-xbl3iGrEctNIePOvUVnMRgxY1ZmSVLeIuUqBen4OYq5Q3ywjnYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yOTEwMzU3OTgyNjUwNzg2GAA&sigh=BTVFgrMTYXM&uach_m=[UACH]&cid=CAQSOwDq26N9sAzBBV5cwiGfO0Bnu9p67lQ869Z1DSnIJXqCmJdByVnQ5kNkoIlF2UA8kx6lYcCgoLhS62zuGAEgEw

Requested by

Host: ngconsulate.info
URL: https://ngconsulate.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=istSBDQOoZ&p=https%3A//ngconsulate.info&dtd=39
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 08 Jan 2023 13:02:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame E29A 0
0 66ms
29ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kfb95dbmrex152xzerb9wzvpaqpv726y6dwbf6pfk1w1dkfeffb3hj2rqx4vae35s2p9ptvcnkgey75tsajc52t9z36p7jn06t79pmwb0d0sf525a19zkbmx69122zy2scyrcsdv7hrfzvn56mta65n30pyg2pws15nxzyv8tvc4qdxb5xj8114vsc3yhqq6544c30b69cb5t9w8r2hfeb76rxa41g5s2fmbksmdhf2xz0q5nf1egaejzwgd4ztpgy3kngwj3qcmzsts8v1nztdgtyth9www48axgkjcp12rfjsw0zpac5yr8v0n3a6zdc5my53nvcm31dqsfwadfpfmx3f3jajgk02bxsdfy705tfzwyw62taj4b77dxhqr95q98r1a8&b=Y7q-2QAJ8pcKeww1AAzKyBeHQM3vKKSeW7Ke2A
Requested by: Host: ngconsulate.info
URL: https://ngconsulate.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 08 Jan 2023 13:02:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 45EF 2 KB
2 KB 90ms
48ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gpkva6h77jzd96zmsapknzv7sfs5f61404x8z9jmt4jt2kpmpzcdvv9b0tqgyggh13q0rw9p4360ws7a908xyseh5e67tcxkyv9t3br8xakkj5yg84sydkxfcbwq712jzc5mnx8sv2486hs2r29ka88q29y6mgg3jybmjbn5wrb44j1pe2j5jxeptbnbfaq17e5m3tma7crm2xc82jpb55f00hxfvfc3r6dxgn8vk6kcyj9gq5383bceceb8x0m5eywxps3kh9jf5z7cmkvn4cy30kenkhrbgd2v1xz2zrm4f2q3w3b38nj194zeeqxfme3vas7vj4qdtej5my38bwgddzvrx2tzr28x4gs2nnc19a884m7ze710gq0p02emwn4gt861nvftnvj7hgd59zy9r970r4hmdtam66j4sa1pj0qbzh42n0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%26client%3Dca-pub-2910357982650786%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=istSBDQOoZ&p=https%3A//ngconsulate.info&dtd=39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eda6d7f70bbf8e6814f93a3c0f0258e7bda03da77d40b9ab4f225fdbf8883f9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78652076cb3d2a2f-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 13:02:18 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame E29A 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=istSBDQOoZ&p=https%3A//ngconsulate.info&dtd=39

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 08:15:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 08:15:58 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 43E2 1 KB
643 B 25ms
24ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=istSBDQOoZ&p=https%3A//ngconsulate.info&dtd=39

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 12:50:08 GMT
etag: 48472445140208031
expires: Mon, 09 Jan 2023 12:50:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame E29A 18 KB
7 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=istSBDQOoZ&p=https%3A//ngconsulate.info&dtd=39

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 20:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 20:47:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E29A 156 KB
48 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=istSBDQOoZ&p=https%3A//ngconsulate.info&dtd=39

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:02:18 GMT

GET
H3 200 5557043319933814738
tpc.googlesyndication.com/simgad/ Frame 331C 20 KB
20 KB 27ms
27ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5557043319933814738?w=300&h=300

Requested by

Host: ngconsulate.info
URL: https://ngconsulate.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42e76a70e7cdd1f43248c4fb45f5210042e13bdbb62b2c4b52224aaf4f61ca80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 18:13:23 GMT
x-content-type-options: nosniff
age: 67735
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20533
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 13:25:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jan 2024 18:13:23 GMT

GET
DATA 200
OK truncated
/ Frame 331C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f60549b6d7b0a2d27115b9a3145eca52e24f51a6a01d992132288edc90d8c55e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame BD49 36 KB
16 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 12:39:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6B7F 6 KB
672 B 64ms
61ms Stylesheet
text/css 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Jan 2023 13:02:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 Jan 2023 11:08:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Jan 2023 13:02:18 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 6B7F 2 KB
765 B 27ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 20:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 20:47:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame 6B7F 22 KB
9 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 09:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8895
x-xss-protection: 0
server: cafe
etag: 5139089157766378523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 09:40:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 6B7F 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 08:15:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 08:15:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 6B7F 18 KB
7 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 20:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 20:47:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6B7F 0
0 33ms
32ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGAXRWOeYqp2TnGlAavuWxmjI68iBL_aYegpedrgV2g-i3CTQXlOSl3ncKOFb6oJvSDmQx7e1VoJY_J_bP1xT9YHZPtw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B7F 156 KB
48 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:02:18 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 6B7F 34 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 20:17:57 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 45EF 89 KB
11 KB 71ms
49ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gpkva6h77jzd96zmsapknzv7sfs5f61404x8z9jmt4jt2kpmpzcdvv9b0tqgyggh13q0rw9p4360ws7a908xyseh5e67tcxkyv9t3br8xakkj5yg84sydkxfcbwq712jzc5mnx8sv2486hs2r29ka88q29y6mgg3jybmjbn5wrb44j1pe2j5jxeptbnbfaq17e5m3tma7crm2xc82jpb55f00hxfvfc3r6dxgn8vk6kcyj9gq5383bceceb8x0m5eywxps3kh9jf5z7cmkvn4cy30kenkhrbgd2v1xz2zrm4f2q3w3b38nj194zeeqxfme3vas7vj4qdtej5my38bwgddzvrx2tzr28x4gs2nnc19a884m7ze710gq0p02emwn4gt861nvftnvj7hgd59zy9r970r4hmdtam66j4sa1pj0qbzh42n0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%26client%3Dca-pub-2910357982650786%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gpkva6h77jzd96zmsapknzv7sfs5f61404x8z9jmt4jt2kpmpzcdvv9b0tqgyggh13q0rw9p4360ws7a908xyseh5e67tcxkyv9t3br8xakkj5yg84sydkxfcbwq712jzc5mnx8sv2486hs2r29ka88q29y6mgg3jybmjbn5wrb44j1pe2j5jxeptbnbfaq17e5m3tma7crm2xc82jpb55f00hxfvfc3r6dxgn8vk6kcyj9gq5383bceceb8x0m5eywxps3kh9jf5z7cmkvn4cy30kenkhrbgd2v1xz2zrm4f2q3w3b38nj194zeeqxfme3vas7vj4qdtej5my38bwgddzvrx2tzr28x4gs2nnc19a884m7ze710gq0p02emwn4gt861nvftnvj7hgd59zy9r970r4hmdtam66j4sa1pj0qbzh42n0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%26client%3Dca-pub-2910357982650786%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 300405
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZdy27q6dtSf6tSHJK4yf%2FSxE7ZDb%2Fx1KEt0blCZYCkaFnCWE8q3uHoXrjuHGoTjmG%2BOAPrSQmWaZKSqjyblbDxNZfV8iy%2By%2FzUUajQEcskRIgK%2FbwOJYYXvhpYaoUXVdaBVIivYSqA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 78652077da6a2a3b-CDG
expires: Sun, 08 Jan 2023 14:02:18 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 45EF 35 KB
12 KB 44ms
32ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gpkva6h77jzd96zmsapknzv7sfs5f61404x8z9jmt4jt2kpmpzcdvv9b0tqgyggh13q0rw9p4360ws7a908xyseh5e67tcxkyv9t3br8xakkj5yg84sydkxfcbwq712jzc5mnx8sv2486hs2r29ka88q29y6mgg3jybmjbn5wrb44j1pe2j5jxeptbnbfaq17e5m3tma7crm2xc82jpb55f00hxfvfc3r6dxgn8vk6kcyj9gq5383bceceb8x0m5eywxps3kh9jf5z7cmkvn4cy30kenkhrbgd2v1xz2zrm4f2q3w3b38nj194zeeqxfme3vas7vj4qdtej5my38bwgddzvrx2tzr28x4gs2nnc19a884m7ze710gq0p02emwn4gt861nvftnvj7hgd59zy9r970r4hmdtam66j4sa1pj0qbzh42n0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%26client%3Dca-pub-2910357982650786%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 290955
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JEcJS%2BBGBcFqfEBNsEK66Is7Ea58SfpRZs9%2Bmf7A170hqyYDqEff%2Fslvma7otV%2FRrDw5CLsC6iZwI47U%2F10%2FdAtkUcEk5dyqtdAT5ASFuzqDIAvD93avprn9fYKczygjVgU0tTs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 78652077ccb12a2f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 Jan 2023 06:18:12 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 184D 89 KB
12 KB 46ms
32ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gjkm0bppwrf17jnb7dc8rj9webcq46strq7t30z71mpzwfq0td38g517wvqpf7y9rwkkqdb4t0bykxrnmhyc8amnsdzh42xcr93v8ak6he59vdmbm6fzmp32k7hqf7v6trt0ftk7yj46bc0s6rsfk83qx7z9vzng327nv2rs3s2hr0cm49ssay6nc607tzfs1p3fxpy6gnnt26drd3kp8yhyfxagtw2pqd0ng12b2evz26ayp3qr4wrq8gvcpg2gp9spzjhscfv513aykr0mge1300xe4mpkb1h5dh174qrh0ygw3hth8esymjkbvb6phqmgmrdrjx48dv6f5kssy076pweyqenfvfp9aatb29tgxcxy1qj71msg12fpv8m8e4r5btt700sdqd3kyhdhpqxwcqrsp4egt57hnnt0xwmqrkatdqncgg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%26client%3Dca-pub-2910357982650786%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gjkm0bppwrf17jnb7dc8rj9webcq46strq7t30z71mpzwfq0td38g517wvqpf7y9rwkkqdb4t0bykxrnmhyc8amnsdzh42xcr93v8ak6he59vdmbm6fzmp32k7hqf7v6trt0ftk7yj46bc0s6rsfk83qx7z9vzng327nv2rs3s2hr0cm49ssay6nc607tzfs1p3fxpy6gnnt26drd3kp8yhyfxagtw2pqd0ng12b2evz26ayp3qr4wrq8gvcpg2gp9spzjhscfv513aykr0mge1300xe4mpkb1h5dh174qrh0ygw3hth8esymjkbvb6phqmgmrdrjx48dv6f5kssy076pweyqenfvfp9aatb29tgxcxy1qj71msg12fpv8m8e4r5btt700sdqd3kyhdhpqxwcqrsp4egt57hnnt0xwmqrkatdqncgg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%26client%3Dca-pub-2910357982650786%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 300405
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xs0UbLNcGJmSherNjB8NmmqOGbrkZXE7os9qUv6yn2lPqWwAoJNAI5ctjE7JYZJparEB8CpRvC3uRfY3yTX7ZNZ5%2FG8SFvWxAye%2BWOtK%2BRVoBb9FXf%2BgU%2BNOuoRy58FlqVPAOhOz4yI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 78652077da6b2a3b-CDG
expires: Sun, 08 Jan 2023 14:02:18 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 184D 35 KB
12 KB 34ms
29ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gjkm0bppwrf17jnb7dc8rj9webcq46strq7t30z71mpzwfq0td38g517wvqpf7y9rwkkqdb4t0bykxrnmhyc8amnsdzh42xcr93v8ak6he59vdmbm6fzmp32k7hqf7v6trt0ftk7yj46bc0s6rsfk83qx7z9vzng327nv2rs3s2hr0cm49ssay6nc607tzfs1p3fxpy6gnnt26drd3kp8yhyfxagtw2pqd0ng12b2evz26ayp3qr4wrq8gvcpg2gp9spzjhscfv513aykr0mge1300xe4mpkb1h5dh174qrh0ygw3hth8esymjkbvb6phqmgmrdrjx48dv6f5kssy076pweyqenfvfp9aatb29tgxcxy1qj71msg12fpv8m8e4r5btt700sdqd3kyhdhpqxwcqrsp4egt57hnnt0xwmqrkatdqncgg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%26client%3Dca-pub-2910357982650786%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 290955
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJMfDyAW%2FPVDFL0pzSYPpwRSOcrG4%2FsuExJJC0nqNlW7FtFzCjFG4WYZ%2BS94VJlYDWR2HrD7gbR0L58nsLoFaW4AcjHGa%2FqanYv7E8Bogh9Oo7QbUrEyhr0RvWTCeZV%2BFOa7TEc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 78652077ccb32a2f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 Jan 2023 06:18:12 GMT

GET
DATA 200
OK truncated
/ Frame 7548 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c92173bfde67e6a8144677d0f11312d465b39f1c82f12d35551f36446977d496

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E29A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a927ea944e16b3fe05b38b1e673051d3b5ca6fe818f2048e3c3422f68d61833

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6B7F 0
0 69ms
69ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgV5_2b66Y-i6JsHMzQaqo6-gCMiHoKtuucXWgJkRmKW2lYsDEAEgyv7WhwFg-wGgAdyX-eoCyAEJqAMByAPLBKoEzgFP0AzytUBXZKfub2nQ5BgChwkBsYsK-GUXrfRyL4YaH7J7inx4c4Ya9tcPYdZ07Ci7vbtpyGW3sfkoeOxkcB3GIXyykY8_YyGAYp70xGSuJs_GdakWO27w5z_3wMpK3LAh1yUS588NydN1TxpkGkpM_IV-s2E-ln7BCY00sDKJ0WTN-np6KcLTsTevAvFjIKVCLsihrR_whWclWL45v_8bAxDEbEOfU6PRhRzRWjrEKkPpwppe-1C-HWwhoB9n_dOWJXUDuvHqUR8T7UjXEsAE_pj3k5IEkgUECAQYAZIFBAgFGASgBi6AB4zohpUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQ1m_SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEw7QFQGAFwGyFxwKGggAEhRwdWItMjkxMDM1Nzk4MjY1MDc4NhgA&sigh=smXoA-KizD8&uach_m=[UACH]&cid=CAQSOwDq26N9kxNhuoxrSlKG_RYUaoLSmfVBb02bmb_pB1EkEZGCWYE7h7MWmbS7dUr8RVGOVjE7Rr_ZUxmXGAEgEw&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 08 Jan 2023 13:02:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/3954287284770670139/ Frame 6B7F 165 KB
165 KB 26ms
26ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3954287284770670139/14763004658117789537

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2720f8bc6baad2b59197f46fc6f003ba6d8c7abc00996729306088848a2d50f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 08:59:35 GMT
x-content-type-options: nosniff
age: 100963
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 169269
x-xss-protection: 0
last-modified: Fri, 06 Jan 2023 20:48:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jan 2024 08:59:35 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11768293015810817973/ Frame 6B7F 848 B
875 B 26ms
25ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11768293015810817973/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fba99f255539c52e3dafa574733742a3968f210ce2789907dd65838e9e5887f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 10:48:11 GMT
x-content-type-options: nosniff
age: 94447
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
last-modified: Fri, 06 Jan 2023 20:48:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jan 2024 10:48:11 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 331C 0
17 B 73ms
73ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUeKU2L66Y6nWJKiDiM0P1OGJ4AnKxfX5a9CF7__FEOaj3ebEHBABIMr-1ocBYPsBoAGT-77fA8gBAagDAaoE2QFP0N2gi3OHObX_AvObe_yd5eNzT1CAHi_2rsmNEn4-_3Nh4Ct7gUM2Zjz7m55bRdlKUywVbAoEJ6LkBSfgOGGpaUYHBQMzhegJQoR5gAFlCPgR9v_fS9wVDmx2felLj0LyxKvcsR3r3MAMbx_QbzALsP5St8zmn-4BNo0_AdkHvfGF-KZwBFgtgGBqneZU3Kar3bB22Rey7RxgEaIFmc24LHh7cmJ_yj3HdDa7b7NmFHGeI45GC4fNMY5nYKdpWVjwKFdQAwvecJJAoaWJyIukvdcDvL9jxioowAT-zae5lQOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH1YTBIKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEKdK0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFAXQFQGYFgGAFwGyFxwKGggAEhRwdWItMjkxMDM1Nzk4MjY1MDc4NhgA&sigh=bp2LiF_wUfQ&uach_m=[UACH]&cid=CAQSGwDq26N9z0Xkuo58d7XK6HOQrRw64f7FWdK4nBgBIBM&template_id=5001&vis=1

Requested by

Host: ngconsulate.info
URL: https://ngconsulate.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 08 Jan 2023 13:02:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B126
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENB6TrDSwSerDVIhwT6cfKw&google_cver=1&google_push=AavPq0N1M0ZsZW6lQKWOC7G4YMpvPqFXYtGNbK9YQGm6BJTKRJwYwA6X3Jlo58Y04Q6t0kmjrcCjiu8i0diiCOViRI4myQ1hOG5qql...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A5FDCCAC06824E0AA0938B253A16DB87&google_push=AavPq0N1M0ZsZW6lQKWOC7G4YMpvPqFXYtGNbK9YQGm6BJTKRJwYwA6X3Jlo58Y04Q6t0kmjrcCjiu8i0diiCOV...

170 B
188 B

88ms
37ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A5FDCCAC06824E0AA0938B253A16DB87&google_push=AavPq0N1M0ZsZW6lQKWOC7G4YMpvPqFXYtGNbK9YQGm6BJTKRJwYwA6X3Jlo58Y04Q6t0kmjrcCjiu8i0diiCOViRI4myQ1hOG5qql89vQjBEjDKyMZbekAMRMSeHhZpU98lAa1L8NoXA4gF_Po

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 08 Jan 2023 13:02:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A5FDCCAC06824E0AA0938B253A16DB87&google_push=AavPq0N1M0ZsZW6lQKWOC7G4YMpvPqFXYtGNbK9YQGm6BJTKRJwYwA6X3Jlo58Y04Q6t0kmjrcCjiu8i0diiCOViRI4myQ1hOG5qql89vQjBEjDKyMZbekAMRMSeHhZpU98lAa1L8NoXA4gF_Po
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 07 Jan 2023 13:02:19 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame B126 0
173 B 84ms
39ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEK42lmQjvzIZXtIewILTRNE&google_cver=1&google_push=AavPq0N1CSHKO2oYCEgKShDuvVjWhNyFK-l06FC0AVnjMHsMBKVQZOws-_jRBBOhy6gVGJ7XNAGfpkujM8PGUdaLqah2bcoH9mi3ir_nnRWiqRzl4SrTEUci5nQrbj6gZLmqJgTWpr9bmVb0bH0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=8B1TT5EJOM&p=https%3A//ngconsulate.info&dtd=36
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B126
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGsnaA12rAyDsTWW9ITveBQ&google_cver=1&google_push=AavPq0OS5SOFG3bl4Rcx1JG1Zks__s2y_alYNbqfiAncx8PldB6XiPu9GtEU4L2bQT8d9nkWO8pLjI2g...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGsnaA12rAyDsTWW9ITveBQ&google_cver=1&google_push=AavPq0OS5SOFG3bl4Rcx1JG1Zks__s2y_alYNbqfiAncx8PldB6XiPu9GtEU4L2bQT8d9nkWO8p...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA4NjcyMTI5MTE4ODQ0NTM0Nw&google_push=AavPq0OS5SOFG3bl4Rcx1JG1Zks__s2y_alYNbqfiAncx8PldB6XiPu9GtEU4L2bQT8d9nkWO8pLjI...

170 B
188 B

39ms
34ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA4NjcyMTI5MTE4ODQ0NTM0Nw&google_push=AavPq0OS5SOFG3bl4Rcx1JG1Zks__s2y_alYNbqfiAncx8PldB6XiPu9GtEU4L2bQT8d9nkWO8pLjI2ggVMAuTHHDqIQEYs5qvdXI0i5rEy1I-XQTXOexw8ofs5Q4vqgfiveqWKHI_ZJGDxA_g

Requested by

Host: ngconsulate.info
URL: https://ngconsulate.info/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA4NjcyMTI5MTE4ODQ0NTM0Nw&google_push=AavPq0OS5SOFG3bl4Rcx1JG1Zks__s2y_alYNbqfiAncx8PldB6XiPu9GtEU4L2bQT8d9nkWO8pLjI2ggVMAuTHHDqIQEYs5qvdXI0i5rEy1I-XQTXOexw8ofs5Q4vqgfiveqWKHI_ZJGDxA_g
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B126
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM8xVE53kfvIS6VYWmVAjOE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEM8xVE53kfvIS6VYWmVAjOE&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM8xVE53kfvIS6VYWmVAjOE&google_hm=Y7q-2xBr1cXRACbFG4_XxAAAFB0AAAAB&google_nid=index&google_push=AavPq0NHeceB9X-b6zwKqN8toRNADTaUjbANB...

170 B
188 B

37ms
37ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM8xVE53kfvIS6VYWmVAjOE&google_hm=Y7q-2xBr1cXRACbFG4_XxAAAFB0AAAAB&google_nid=index&google_push=AavPq0NHeceB9X-b6zwKqN8toRNADTaUjbANBugitHP2ZegRfEeRp_jGVgLHID0cAWZms0zjUJ-I4X7zLM7rrc52SkHbHFUknrFB6X66GgQhOY_mVQJC9KiTntW_4iDO2zhExvbbTV9yPYdlsmc

Requested by

Host: ngconsulate.info
URL: https://ngconsulate.info/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLen%2B%2F6%2F6TAoLzwk4ifCgxSCuCz%2BnH2kfMiLJGYiBSnLb10mbrdgFsQu0hxuFIBwT06w3LxdEo1fP5is5u7rNDq16Phi%2FZOBMJPDGcbrtWvFsB2YenyibW%2FZVfDP8Z2na3%2F%2BM7raKEiTjg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM8xVE53kfvIS6VYWmVAjOE&google_hm=Y7q-2xBr1cXRACbFG4_XxAAAFB0AAAAB&google_nid=index&google_push=AavPq0NHeceB9X-b6zwKqN8toRNADTaUjbANBugitHP2ZegRfEeRp_jGVgLHID0cAWZms0zjUJ-I4X7zLM7rrc52SkHbHFUknrFB6X66GgQhOY_mVQJC9KiTntW_4iDO2zhExvbbTV9yPYdlsmc
cache-control: no-cache
cf-ray: 786520793cd5d540-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B126
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0NntCN9w8h4zbK2d0yZ8iD2dL8_Eojuzou4seLnLQPSJ369uhVQSQ9U4fwLkIrbySxvz2JX_8IFAsHiermZNC7nyB1CWpMp876wHr-Px4GAgUwa1eg9yKbKocoDt1Y...
https://sync.targeting.unrulymedia.com/csync/RX-eabbfd51-1285-494d-866e-d1e291906b83-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0NntCN9w8h4zbK2d0yZ8...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NntCN9w8h4zbK2d0yZ8iD2dL8_Eojuzou4seLnLQPSJ369uhVQSQ9U4fwLkIrbySxvz2JX_8IFAsHiermZNC7nyB1CWpMp876wHr-Px4GAgUwa1eg9yKbKocoDt1YLLxL_...

170 B
188 B

41ms
40ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NntCN9w8h4zbK2d0yZ8iD2dL8_Eojuzou4seLnLQPSJ369uhVQSQ9U4fwLkIrbySxvz2JX_8IFAsHiermZNC7nyB1CWpMp876wHr-Px4GAgUwa1eg9yKbKocoDt1YLLxL_m01ByiNo8r8&google_hm=A-q7_VEShUlNhm7R4pGQa4M

Requested by

Host: ngconsulate.info
URL: https://ngconsulate.info/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NntCN9w8h4zbK2d0yZ8iD2dL8_Eojuzou4seLnLQPSJ369uhVQSQ9U4fwLkIrbySxvz2JX_8IFAsHiermZNC7nyB1CWpMp876wHr-Px4GAgUwa1eg9yKbKocoDt1YLLxL_m01ByiNo8r8&google_hm=A-q7_VEShUlNhm7R4pGQa4M
date: Sun, 08 Jan 2023 13:02:19 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXeabbfd511285494d866ed1e291906b83003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B126
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJmOVpZb8GDbNluu5gEDi5c&google_cver=1&google_push=AavPq0OZqwOz6OH0OKQ-H6d-UVktDooEP9jw4zli8RbWwrcAAzhT782AaALGtmz2UEZGlrCPV_...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJmOVpZb8GDbNluu5gEDi5c&google_cver=1&google_push=AavPq0OZqwOz6OH0OKQ-H6d-UVktDooEP9jw4zli8RbWwrcAAzhT782AaALGtmz2UEZGlrCPV_...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01Y0xaZTR4RTJ1SEVYZ0ZQSDFjWDNxMklTRzJuZk5uMn5B&google_push=AavPq0OZqwOz6OH0OKQ-H6d-UVktDooEP9jw4zli8RbWwrcAAzhT782Aa...

170 B
188 B

39ms
38ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01Y0xaZTR4RTJ1SEVYZ0ZQSDFjWDNxMklTRzJuZk5uMn5B&google_push=AavPq0OZqwOz6OH0OKQ-H6d-UVktDooEP9jw4zli8RbWwrcAAzhT782AaALGtmz2UEZGlrCPV_sbFKWQnSA2j701YeJ5o22cOu3xSzpj1Z4IYQRTHo7szOXXGQB8qhjRivE7xCFoqw6UfKihW6M

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01Y0xaZTR4RTJ1SEVYZ0ZQSDFjWDNxMklTRzJuZk5uMn5B&google_push=AavPq0OZqwOz6OH0OKQ-H6d-UVktDooEP9jw4zli8RbWwrcAAzhT782AaALGtmz2UEZGlrCPV_sbFKWQnSA2j701YeJ5o22cOu3xSzpj1Z4IYQRTHo7szOXXGQB8qhjRivE7xCFoqw6UfKihW6M
date: Sun, 08 Jan 2023 13:02:19 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B126
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEV9u8R6ErqOt6HrW8etzQM&google_cver=1&google_push=AavPq0M0hVRSrYE4q...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEEV9u8R6ErqOt6HrW8etzQM%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTEwOTEwNjY0MzM3NTk0OTI5MA%3D%3D&google_gid=CAESEEV9u8R6ErqOt6HrW8etzQM&google_cver=1&google_push=AavPq0M0hVRSrYE4qZ4WiCcxoPACvXxszd...

170 B
188 B

63ms
45ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTEwOTEwNjY0MzM3NTk0OTI5MA%3D%3D&google_gid=CAESEEV9u8R6ErqOt6HrW8etzQM&google_cver=1&google_push=AavPq0M0hVRSrYE4qZ4WiCcxoPACvXxszdaR8vHsFCGWCAcVWGMVB04tEG6U2DUWa3dtmHKvLvUM73V2-8ZWC6-qVB1eM7RhHZyKdnlpLJ2mBQDspIrJpibD5mnmsqmaBZu8nXPrdWkQLftIAIdC

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 08 Jan 2023 13:02:19 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.59.164.109; 37.59.164.109; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f0ca1284-52e2-4837-9f06-e1c929261402
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTEwOTEwNjY0MzM3NTk0OTI5MA%3D%3D&google_gid=CAESEEV9u8R6ErqOt6HrW8etzQM&google_cver=1&google_push=AavPq0M0hVRSrYE4qZ4WiCcxoPACvXxszdaR8vHsFCGWCAcVWGMVB04tEG6U2DUWa3dtmHKvLvUM73V2-8ZWC6-qVB1eM7RhHZyKdnlpLJ2mBQDspIrJpibD5mnmsqmaBZu8nXPrdWkQLftIAIdC
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B126 0
223 B 143ms
33ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KyN9RpYsAf74-b5JQpQUNs4udVEg2NheV8UA5Hdt6Taxc86phopEcDFsbl8pGqdZpDhkEo4zg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 43E2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEK-IoNSuZZqDojdFmGkGTvY&google_cver=1&google_push=AavPq0PFmXJl7AQKzo-M1veqqzMhBq2CxnP3Gjdhrh5JlgqT2f97luP_FNCCwxyTiG8fhLNrO87CzcaQdbITeCbj...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PFmXJl7AQKzo-M1veqqzMhBq2CxnP3Gjdhrh5JlgqT2f97luP_FNCCwxyTiG8fhLNrO87CzcaQdbITeCbjFWx-BuF2AhVDcsM

170 B
188 B

78ms
45ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PFmXJl7AQKzo-M1veqqzMhBq2CxnP3Gjdhrh5JlgqT2f97luP_FNCCwxyTiG8fhLNrO87CzcaQdbITeCbjFWx-BuF2AhVDcsM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=istSBDQOoZ&p=https%3A//ngconsulate.info&dtd=39

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 08 Jan 2023 13:02:19 GMT
Server: MT3 277 3f0ad7a master zrh-pixel-x10 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PFmXJl7AQKzo-M1veqqzMhBq2CxnP3Gjdhrh5JlgqT2f97luP_FNCCwxyTiG8fhLNrO87CzcaQdbITeCbjFWx-BuF2AhVDcsM
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 08 Jan 2023 13:02:18 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 43E2
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPke1F2sv6gkHWTLdM9uzVo&google_push=AavPq0MVWCkl-aM-xMID4botmyM9Cx25GtzQHRsiRDWOJpk168yQss57ft...

170 B
188 B

37ms
37ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPke1F2sv6gkHWTLdM9uzVo&google_push=AavPq0MVWCkl-aM-xMID4botmyM9Cx25GtzQHRsiRDWOJpk168yQss57ftsISIL6HpUNS3vrddtPko-b4ujtG2zkXxX8Riw8YRlwNZU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=istSBDQOoZ&p=https%3A//ngconsulate.info&dtd=39

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-cdg20758-CDG
pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1673182939.025574,VS0,VE78
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPke1F2sv6gkHWTLdM9uzVo&google_push=AavPq0MVWCkl-aM-xMID4botmyM9Cx25GtzQHRsiRDWOJpk168yQss57ftsISIL6HpUNS3vrddtPko-b4ujtG2zkXxX8Riw8YRlwNZU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 43E2 70 B
265 B 146ms
40ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJ-HtDu2RRuz6mlpNXK3HvQ&google_cver=1&google_push=AavPq0O8si7hK-j2xinif4NH0d2TwNoHeLnR8mIDHHaLasKcdYdDDVSJajzUQvmi68ll58K56K-M6zRovqPfqx_dt4wgiiJevXGeMw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=istSBDQOoZ&p=https%3A//ngconsulate.info&dtd=39
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 43E2
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPLwqt1YYmgDuKOHq1e8Zq0&google_cver=1&google_push=AavPq0NrvXcMka5NVb3z1F_PJ1Qz21MCZkBZt3vX223uC7yqdrEJj6urOh1hGKILURZTmbzZl4ZOoVVYUAs1keo4t362...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPLwqt1YYmgDuKOHq1e8Zq0&google_cver=1&google_push=AavPq0NrvXcMka5NVb3z1F_PJ1Qz21MCZkBZt3vX223uC7yqdrEJj6urOh1hGKILURZTmbzZl4ZOoVVYUAs1ke...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NrvXcMka5NVb3z1F_PJ1Qz21MCZkBZt3vX223uC7yqdrEJj6urOh1hGKILURZTmbzZl4ZOoVVYUAs1keo4t362PPkJKDQIpbE&google_hm=R49R0mlDRGSD3aY1b14q...

170 B
188 B

42ms
38ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NrvXcMka5NVb3z1F_PJ1Qz21MCZkBZt3vX223uC7yqdrEJj6urOh1hGKILURZTmbzZl4ZOoVVYUAs1keo4t362PPkJKDQIpbE&google_hm=R49R0mlDRGSD3aY1b14qGQ==

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NrvXcMka5NVb3z1F_PJ1Qz21MCZkBZt3vX223uC7yqdrEJj6urOh1hGKILURZTmbzZl4ZOoVVYUAs1keo4t362PPkJKDQIpbE&google_hm=R49R0mlDRGSD3aY1b14qGQ==
date: Sun, 08 Jan 2023 13:02:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 43E2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO87niHudui8OJCQOouRmuQ&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEO87niHudui8OJCQOouRmuQ&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO87niHudui8OJCQOouRmuQ&google_hm=Y7q-2xBr1cXRACbFG4_XxAAAFB0AAAAB&google_nid=index&google_push=AavPq0OoL_2wH137Jo5ploqL3KN09eqqPlY6Z...

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO87niHudui8OJCQOouRmuQ&google_hm=Y7q-2xBr1cXRACbFG4_XxAAAFB0AAAAB&google_nid=index&google_push=AavPq0OoL_2wH137Jo5ploqL3KN09eqqPlY6ZzJIFmYFHOjSV2ubUOKjgA9qFoOB6Nu4-DrT4PD-w59uzdRW72lNrIySm3rtBVW75Ps

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=istSBDQOoZ&p=https%3A//ngconsulate.info&dtd=39

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cs6%2FC7j00mh%2BxpFJVFTnl0s8HEMOmuJM9x%2BQNlxBaqe1o%2FQehTKKmFHcJBUczFpfgn6WzgIdCcjkf%2F7WmZcgZtBkIsA%2FcqZ8gf42opoh9BTIjgLfyI1YCmXm2%2BhrhgrxiE9g%2BEG45ivZAA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO87niHudui8OJCQOouRmuQ&google_hm=Y7q-2xBr1cXRACbFG4_XxAAAFB0AAAAB&google_nid=index&google_push=AavPq0OoL_2wH137Jo5ploqL3KN09eqqPlY6ZzJIFmYFHOjSV2ubUOKjgA9qFoOB6Nu4-DrT4PD-w59uzdRW72lNrIySm3rtBVW75Ps
cache-control: no-cache
cf-ray: 786520793cd7d540-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 43E2
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0O_dbl2z_oVxxcaEyw9xlLt6lOXiS5OaX-H0Rti8AFCoaZ3ECF-jYbgCGmXgqI_FJR7o-DCrQeD7nmLXZqnMVVZTatBxvi29_w&redir=https%3A%2F%2Fcm.g.do...
https://sync.targeting.unrulymedia.com/csync/RX-eabbfd51-1285-494d-866e-d1e291906b83-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0O_dbl2z_oVxxcaEyw9x...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0O_dbl2z_oVxxcaEyw9xlLt6lOXiS5OaX-H0Rti8AFCoaZ3ECF-jYbgCGmXgqI_FJR7o-DCrQeD7nmLXZqnMVVZTatBxvi29_w&google_hm=A-q7_VEShUlNhm7R4pGQa4M

170 B
188 B

39ms
38ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0O_dbl2z_oVxxcaEyw9xlLt6lOXiS5OaX-H0Rti8AFCoaZ3ECF-jYbgCGmXgqI_FJR7o-DCrQeD7nmLXZqnMVVZTatBxvi29_w&google_hm=A-q7_VEShUlNhm7R4pGQa4M

Requested by

Host: ngconsulate.info
URL: https://ngconsulate.info/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0O_dbl2z_oVxxcaEyw9xlLt6lOXiS5OaX-H0Rti8AFCoaZ3ECF-jYbgCGmXgqI_FJR7o-DCrQeD7nmLXZqnMVVZTatBxvi29_w&google_hm=A-q7_VEShUlNhm7R4pGQa4M
date: Sun, 08 Jan 2023 13:02:19 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXeabbfd511285494d866ed1e291906b83003
content-type: text/html

GET
H2

200

/
onetag-sys.com/match/ Frame 43E2
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBEw4QNS-SzzIm15BpJtqOU&google_cver=1&google_push=AavPq0MG1E9aanQznNU32iibTY0PW2FKSCsvVZd_0o5RDGVDJEqRuNbGR0ln7CTQcE3S8_IbcKlWWolC0uS...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MG1E9aanQznNU32iibTY0PW2FKSCsvVZd_0o5RDGVDJEqRuNbGR0ln7CTQcE3S8_IbcKlWWolC0uSVOS0s_fHqdmyY02Jp_Bm0
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

24ms
23ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=istSBDQOoZ&p=https%3A//ngconsulate.info&dtd=39

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 43E2 0
40 B 138ms
34ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JYdoHj0W6-SdHr3xRVqMLLs23uV8UXw9uQp5JvnC_ysl2Be8MxKgl4_O4O6meou6cvxh_R2w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x90&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=istSBDQOoZ&p=https%3A//ngconsulate.info&dtd=39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 184D 3 KB
4 KB 93ms
37ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1296
x-guploader-uploadid: ADPycdvaL9rvs93EQr8BhZwCjghU3OLaFwGPhCwVa2Juzc1rFm2Mo0tLydmNJR5Tt18RUKY14XKU-nkZpuObpHlBYRbDJE4GZOEo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvlMo%2F84AxNIxcfLpKCUUL9eezNiSw8SUH9XhohHWhMoWG%2FX3uKAvEpLRaDCvReEx%2FUUzeseda%2BZPiJqv1X8FX9QQ6y2%2FgxqgxT0t5a68YJrnkrlPvPqbCp0TIM%2BL5x0KckIzUqSasVwNC99RG4tuScV"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 78652079699c2a56-CDG
expires: Sun, 08 Jan 2023 12:43:40 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4320 1 KB
643 B 24ms
24ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 12:50:08 GMT
etag: 48472445140208031
expires: Mon, 09 Jan 2023 12:50:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 45EF 3 KB
3 KB 92ms
40ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1296
x-guploader-uploadid: ADPycdvaL9rvs93EQr8BhZwCjghU3OLaFwGPhCwVa2Juzc1rFm2Mo0tLydmNJR5Tt18RUKY14XKU-nkZpuObpHlBYRbDJE4GZOEo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6BWr66mStAu9BnVNMF2o1ZYSp6Jw%2F1Zsgn8wiWQu4tZpbOX4ia3ylQ8mOSook4Bc334zcx5%2BOnUIzhaFjpr8rjKcw71yfAX0oJ75WBaoGqC7NJldl9oNXB9kR%2FpsOLgclzG0YNnJleOq7ZhNaEmR1v9"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 78652079699f2a56-CDG
expires: Sun, 08 Jan 2023 12:43:40 GMT

GET
DATA 200
OK truncated
/ Frame 6B7F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed2ef532c98097bb3f2b91e51bf2dbbd7378c17949f180a9753075598ad9414b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 frame.html Show response
ad4m.at/ Frame 925B 2 KB
1 KB 31ms
29ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1500649
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 786520793cda2a3b-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 08 Jan 2023 13:02:19 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ul4h168PbjNaF8LqyMyuDmcEHr%2Bs%2FdFYLVy1NzALdUoRSJNf9Z8qdpCyyg2mnXW0VJa8vWLH16MnVeVmosaFssRyU7fo9%2BL0CnrRm3x22V4duqzRGKbujtOCY17X%2FfxyFW2moPw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 4DEE 2 KB
1 KB 29ms
29ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1500649
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 786520794ce22a3b-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 08 Jan 2023 13:02:19 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckpxD2nxdDzDuf57LAo%2Fq0DK6Fr%2F36wQS8RT0OGeSUxC25G1ruiQQnFstu%2FIzyCi4nAUXqWoflKwRXGbuj6Kip6IpxirRHz%2FGeVYfD%2BK2h9EVISaU6TXv%2FrNqtbvvsAWifKDojg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7E7C 42 B
64 B 191ms
140ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQGhSudfZ3y1TVvMKe0s_7hwCmammt4hdkh39vq1sat_VX4KjZ3qpWHmPNSjpJxsIWNMgiNN1UKaDlObEX5DH_I6tSLEcAc93hvYjI8SL_gBH3ERoJOiLvCrmXl87nnSCexCiV2A&sai=AMfl-YQM47MqzPR9G7U5kzkWGoB1g5_xWQKHnfoXU3Ea9o1VgNcmA9qO_3OTeDJQb7ZV8nd8gRtolBIYFcFT_ug&sig=Cg0ArKJSzKkmzvh1-Q1oEAE&cid=CAQSGwDq26N9z0Xkuo58d7XK6HOQrRw64f7FWdK4nBgBIBM&id=lidar2&mcvt=1023&p=-70,0,430,180&mtos=0,0,1023,1023,1023&tos=0,0,1023,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=0.72&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673182937728&rpt=306&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6B7F 15 KB
15 KB 101ms
43ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:40:44 GMT
x-content-type-options: nosniff
age: 145295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 20:40:44 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6B7F 15 KB
16 KB 79ms
25ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 16:44:52 GMT
x-content-type-options: nosniff
age: 505047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6B7F 15 KB
15 KB 86ms
34ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 19:42:15 GMT
x-content-type-options: nosniff
age: 235204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 19:42:15 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4320
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOtt684Gsq6eWYmakNiGkGI&google_cver=1&google_push=AavPq0NYJPH9L8ioESihTQyAJhtU9utJEwA3fT-NCZTBoYRcmD4nTG-FDCMJVIaBm_IMLG0rDJ9Xd4k1gOFRMrFrgwD2okHUY_DplrI
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ2MDEzODA1MjkxMjQwNDkzNg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOtt684Gsq6eWYmakNiGkGI&google_cver=1

43 B
398 B

56ms
23ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOtt684Gsq6eWYmakNiGkGI&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOtt684Gsq6eWYmakNiGkGI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4320
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPxBEQ2-4oUNw8hRDBq4sgw&google_cver=1&google_push=AavPq0PEKAQRRktBogrgEufj3IQZNRDDEeM2ngqUhoyIzH9nutKbnuQzDJPbJhgUskbeR0bsiR0_WmBEn9-...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0PEKAQRRktBogrgEufj3IQZNRDDEeM2ngqUhoyIzH9nutKbnuQzDJPbJhgUskbeR0bsiR0_WmBEn9-hWmr2kjk_SustHcSWH4I&google_hm=VvIjo_tMTYe4c7no6...

170 B
188 B

45ms
45ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0PEKAQRRktBogrgEufj3IQZNRDDEeM2ngqUhoyIzH9nutKbnuQzDJPbJhgUskbeR0bsiR0_WmBEn9-hWmr2kjk_SustHcSWH4I&google_hm=VvIjo_tMTYe4c7no6q7bKG0

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:18 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0PEKAQRRktBogrgEufj3IQZNRDDEeM2ngqUhoyIzH9nutKbnuQzDJPbJhgUskbeR0bsiR0_WmBEn9-hWmr2kjk_SustHcSWH4I&google_hm=VvIjo_tMTYe4c7no6q7bKG0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4320
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDOyRZAPJ96zrdtZwxqvXmE&google_cver=1&google_push=AavPq0NJ670COAAJ0WaXJYzPtSVEz4sqnOjwJYiV3COfl0_9Ttpgyav47uHsIw8JoIX_cJQeNA0-MFX32UgfRs...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AavPq0NJ670COAAJ0WaXJYzPtSVEz4sqnOjwJYiV3COfl0_9Ttpgyav47uHsIw8JoIX_cJQeNA0-MFX32UgfRs-6E_WbTqYCtCGgvg&google_hm=hmO6vtricorhUX6...

170 B
188 B

38ms
38ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AavPq0NJ670COAAJ0WaXJYzPtSVEz4sqnOjwJYiV3COfl0_9Ttpgyav47uHsIw8JoIX_cJQeNA0-MFX32UgfRs-6E_WbTqYCtCGgvg&google_hm=hmO6vtricorhUX6k2Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63BABEDAE2728AE1517EA4D9BLIS

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AavPq0NJ670COAAJ0WaXJYzPtSVEz4sqnOjwJYiV3COfl0_9Ttpgyav47uHsIw8JoIX_cJQeNA0-MFX32UgfRs-6E_WbTqYCtCGgvg&google_hm=hmO6vtricorhUX6k2Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63BABEDAE2728AE1517EA4D9BLIS
date: Sun, 08 Jan 2023 13:02:19 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4320
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGon-QwC5B7JscUOU4G1dws&google_cver=1&google_push=AavPq0P1euWY5l-kwDMIbtxdPLH_a1Tn6c1V1Un8du9zNMGrlSkegkd68wPn04-xN9ZhJ7lzZiqohWTtrzPIJTBxun3J...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGon-QwC5B7JscUOU4G1dws&google_cver=1&google_push=AavPq0P1euWY5l-kwDMIbtxdPLH_a1Tn6c1V1Un8du9zNMGrlSkegkd68wPn04-xN9ZhJ7lzZiqohWTtrzPIJT...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=7134391e-c72e-4c78-b3bf-3af209869696&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0P1euWY5l-kwDMIbtxdPLH_a1Tn6c1V1Un8du9zNMGrlSkegkd68wPn04-xN9ZhJ7lzZiqohWTtrzPIJTBxun3JH81Tpkdv6PA&google_hm=R49R0mlDRGSD3aY1b14q...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0P1euWY5l-kwDMIbtxdPLH_a1Tn6c1V1Un8du9zNMGrlSkegkd68wPn04-xN9ZhJ7lzZiqohWTtrzPIJTBxun3JH81Tpkdv6PA&google_hm=R49R0mlDRGSD3aY1b14qGQ==

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0P1euWY5l-kwDMIbtxdPLH_a1Tn6c1V1Un8du9zNMGrlSkegkd68wPn04-xN9ZhJ7lzZiqohWTtrzPIJTBxun3JH81Tpkdv6PA&google_hm=R49R0mlDRGSD3aY1b14qGQ==
date: Sun, 08 Jan 2023 13:02:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4320
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEModAGV_rdu0u9EMK4i6Qtw&google_cver=1&google_push=AavPq0PSi4917s7jNrRmfdkgK1UeZyTLcA_loSULgPamPgeLSsZPXNe_tFt664NsC4Z1WmYxS0u6zKoE...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjcwMTA3NjQ0MzA5NDMyNzE4Mw&google_push=AavPq0PSi4917s7jNrRmfdkgK1UeZyTLcA_loSULgPamPgeLSsZPXNe_tFt664NsC4Z1WmYxS0u6zK...

170 B
188 B

40ms
39ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjcwMTA3NjQ0MzA5NDMyNzE4Mw&google_push=AavPq0PSi4917s7jNrRmfdkgK1UeZyTLcA_loSULgPamPgeLSsZPXNe_tFt664NsC4Z1WmYxS0u6zKoE4yJiqeHmzksayuOQcGlXDNU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjcwMTA3NjQ0MzA5NDMyNzE4Mw&google_push=AavPq0PSi4917s7jNrRmfdkgK1UeZyTLcA_loSULgPamPgeLSsZPXNe_tFt664NsC4Z1WmYxS0u6zKoE4yJiqeHmzksayuOQcGlXDNU
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 4320 43 B
351 B 79ms
26ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPWRlvLe_ultP_8t6BkhnmI&google_cver=1&google_push=AavPq0PFV69PJttI5wp3a8h_tESONhH1p6WhX5EbPHIBpCC74QdMtsCaAHQT0x4C6kdwBkHPH-4bTtQkTlRO_NiEWE4f_ctQjKF8JmQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:18 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: j4grqq0n7p5mm2ni5vg5pr5tiuv6beth

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4320
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPUpecnZ1eG8t2ua6vXOLXk&google_cver=1&google_push=AavPq0NcGvF4DQis5ymF4Dkn7vL7XdjJK0bX5II1v1EC7RrURrNbU11LaswpTOOm3ZceqAdQd8fuRDI4z1LF...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NcGvF4DQis5ymF4Dkn7vL7XdjJK0bX5II1v1EC7RrURrNbU11LaswpTOOm3ZceqAdQd8fuRDI4z1LFJYcbqsMC_Fzld3n-

170 B
188 B

37ms
36ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NcGvF4DQis5ymF4Dkn7vL7XdjJK0bX5II1v1EC7RrURrNbU11LaswpTOOm3ZceqAdQd8fuRDI4z1LFJYcbqsMC_Fzld3n-

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NcGvF4DQis5ymF4Dkn7vL7XdjJK0bX5II1v1EC7RrURrNbU11LaswpTOOm3ZceqAdQd8fuRDI4z1LFJYcbqsMC_Fzld3n-
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4320 0
12 B 36ms
33ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IvNWWgPaR8VAHxHcUoypug-7kZMA9uhrF5RYpDyGdxu1urNqdWajWGcixwMJjSfZmvCYN7

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 rs Show response
ad4m.at/ Frame 184D 1 KB
2 KB 44ms
44ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc367862322fcaaac7ba198ca029a3bd4d03b03205fe96b3555d7902799ffa97

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTktAsUYPegGnRAu1jLGI2iWocHU9mp8x5Hcl%2BKjgd5Din3fd5fjHMwts%2BRJ8gsmv2FpI7oJr6Kgr2O9wUOGG5xVBQXNJYGoxUiDMyVluxQS7GQ9YQ38Dhg5jdcoo8us9R%2BSNTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7865207a1c9a2a16-CDG
x-backend-server: aa-reachservice-group-europe-west1-3b3l
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame 45EF 1 KB
2 KB 48ms
47ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e877b6b3f5dfe34a9c0bb54944524ccece23ad9d67edd62f2d1c85ab50bed7f

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YjgMQ1Q2WCUkjKvrj%2BjSzgdUTxV1MLNE1cn6b5j5DIL6zPOqhGdBr9SIwdPcQk%2BnDFI4w8UNlLtsoqn0fgxOc3GXdWZrNpbWllfGxwBtCh3GNFwVaJf64YTrYabMz0TLudT%2BjI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7865207a0c882a16-CDG
x-backend-server: aa-reachservice-group-europe-west1-tbx2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 66ms
43ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78652079cc182a16-CDG
content-length: 24
content-type: text/plain
date: Sun, 08 Jan 2023 13:02:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2Qsun9lSISruGz%2FhVP714KAyvhTsgyz%2FS%2Bpiq43FvXYRwNUnRuLeMlB60YaotmUNE%2BXyjIGFxzgYqCK6O%2B8yludb0YMLorurLXXDAstjg10%2BjVHAObrhPkfzFZ4a7QX%2B693Xds%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-3b3l

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 57ms
39ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78652079cc1a2a16-CDG
content-length: 24
content-type: text/plain
date: Sun, 08 Jan 2023 13:02:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXfM8tdKk9eW1A%2FHUC%2F0azCB15oHxWINoKz%2FgmnOYVG9EBDBa5IhFaB%2FwS0Vdpl7z5nSiaZzolS61WwEs5Al6rW5MvdojF5vvbrDPAkRlqJ3%2Bfd1JiC7ACFKAa8pZuck3Uy3zLc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-3b3l

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 74ms
73ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230104&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c548414c9aab7329f3961c7cedabcb8d4800ef747ace3257f3279872ad0e8e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11153
x-xss-protection: 0

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame 00D5 36 KB
16 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=64994175&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673182937&rafmt=1&to=qs&pwprc=4136388948&format=1200x280&url=https%3A%2F%2Fngconsulate.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673182937569&bpp=1&bdt=2179&idt=-M&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5f24f3ab54eea73f-2205bfbf31db00cd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ&gpic=UID%3D00000b9fadc4aabd%3AT%3D1673182936%3ART%3D1673182936%3AS%3DALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2114748903895&frm=20&pv=1&ga_vid=1854583625.1673182936&ga_sid=1673182936&ga_hid=297849995&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44773747&oid=2&pvsid=583746623998704&tmod=16948074&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LiQ5v3nxZu&p=https%3A//ngconsulate.info&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 12:39:09 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame C17B 9 KB
4 KB 54ms
53ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=2617a8664347670d910bdc57e9b1c5d4%2F12367089708772380523&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939226&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfnspbj050wjaa5pvkqe6cap5546n3yk5v1yaexg6vpvbry6vw34vxww4a540vkb628cqmpp1931wvt9bzn3f49vk4pcx7xk299z06qj2z1r49tv9q8mwfw19jeb14qnjmme14zqg8mx08nbmb27y5fmrq8ka2av1968cjxqm136gbjen81jhyyaz34z1pbgdz0qdgdmjpb6w0b6e64bvch5106rzhjykwh9kdvjfcbecctbg0vzg6tpstfcszfqbe0kjgzsh7j5vjw9310%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cc129753e9332b6d5ab89f087b1b26527efd4651cd874df5532b82a39e86a66

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gpkva6h77jzd96zmsapknzv7sfs5f61404x8z9jmt4jt2kpmpzcdvv9b0tqgyggh13q0rw9p4360ws7a908xyseh5e67tcxkyv9t3br8xakkj5yg84sydkxfcbwq712jzc5mnx8sv2486hs2r29ka88q29y6mgg3jybmjbn5wrb44j1pe2j5jxeptbnbfaq17e5m3tma7crm2xc82jpb55f00hxfvfc3r6dxgn8vk6kcyj9gq5383bceceb8x0m5eywxps3kh9jf5z7cmkvn4cy30kenkhrbgd2v1xz2zrm4f2q3w3b38nj194zeeqxfme3vas7vj4qdtej5my38bwgddzvrx2tzr28x4gs2nnc19a884m7ze710gq0p02emwn4gt861nvftnvj7hgd59zy9r970r4hmdtam66j4sa1pj0qbzh42n0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%26client%3Dca-pub-2910357982650786%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7865207a6f0c2a3b-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 13:02:19 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 3FD4 9 KB
4 KB 46ms
46ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=f5677ce786d22f35adfedbedc63751d2%2F17762484869054907174&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdgsp8j3kwf525agsdsesd8s0tfxhs3k2hkh147nghx09gd7bd88pat0ghpt5eec8247n2shaefz83nndch1tf8rtbp2xqg6sfw3gf9d38brk42ejctadj7vbnwg0dpp25r36850khrcn6d7npm0cx08cakkjgks5f738een5h6jbkrvd8hw1rhbzgfmntr9bawcnnbfagvczpsafca4hgzkrj2p3d2ejkh8a8fw13pbyaccwpqedngewejr57pp8v3gm600ryah6zh22n0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c7a0c215308b831d0aeea7339689d8af4a590af846fbaec4c792fd35c705874

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gjkm0bppwrf17jnb7dc8rj9webcq46strq7t30z71mpzwfq0td38g517wvqpf7y9rwkkqdb4t0bykxrnmhyc8amnsdzh42xcr93v8ak6he59vdmbm6fzmp32k7hqf7v6trt0ftk7yj46bc0s6rsfk83qx7z9vzng327nv2rs3s2hr0cm49ssay6nc607tzfs1p3fxpy6gnnt26drd3kp8yhyfxagtw2pqd0ng12b2evz26ayp3qr4wrq8gvcpg2gp9spzjhscfv513aykr0mge1300xe4mpkb1h5dh174qrh0ygw3hth8esymjkbvb6phqmgmrdrjx48dv6f5kssy076pweyqenfvfp9aatb29tgxcxy1qj71msg12fpv8m8e4r5btt700sdqd3kyhdhpqxwcqrsp4egt57hnnt0xwmqrkatdqncgg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%26client%3Dca-pub-2910357982650786%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7865207a6f122a3b-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 13:02:19 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:02:19 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 3FD4 89 KB
11 KB 34ms
33ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=f5677ce786d22f35adfedbedc63751d2%2F17762484869054907174&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdgsp8j3kwf525agsdsesd8s0tfxhs3k2hkh147nghx09gd7bd88pat0ghpt5eec8247n2shaefz83nndch1tf8rtbp2xqg6sfw3gf9d38brk42ejctadj7vbnwg0dpp25r36850khrcn6d7npm0cx08cakkjgks5f738een5h6jbkrvd8hw1rhbzgfmntr9bawcnnbfagvczpsafca4hgzkrj2p3d2ejkh8a8fw13pbyaccwpqedngewejr57pp8v3gm600ryah6zh22n0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=f5677ce786d22f35adfedbedc63751d2%2F17762484869054907174&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdgsp8j3kwf525agsdsesd8s0tfxhs3k2hkh147nghx09gd7bd88pat0ghpt5eec8247n2shaefz83nndch1tf8rtbp2xqg6sfw3gf9d38brk42ejctadj7vbnwg0dpp25r36850khrcn6d7npm0cx08cakkjgks5f738een5h6jbkrvd8hw1rhbzgfmntr9bawcnnbfagvczpsafca4hgzkrj2p3d2ejkh8a8fw13pbyaccwpqedngewejr57pp8v3gm600ryah6zh22n0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 300406
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeM4pTWvtMPzI5mjbvernF3SG%2FO9Jc%2BGzGqpCp3MsZgtdZ5Mi4chgx1UQKtC2OMMUjoPkizPw2z1J%2F2PbnaIefCujyOK%2FsqKgspkz54y%2BCd6mPDx6SsH2ZlXkGTXMGpBi33OYKZ%2B7Wo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7865207af80d2a3b-CDG
expires: Sun, 08 Jan 2023 14:02:19 GMT

GET
H2 200 ABA454A7AE847CFAF7318F28F6EA3F7546C9722EB5B52A244400AEF3C61315ECE97466A5C2C7672CB9A0279AD7D7B01E1FC2930474D249F9B12938527CA87354
assets.ad4m.at/logo/ Frame 3FD4 38 KB
38 KB 44ms
30ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/ABA454A7AE847CFAF7318F28F6EA3F7546C9722EB5B52A244400AEF3C61315ECE97466A5C2C7672CB9A0279AD7D7B01E1FC2930474D249F9B12938527CA87354
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=f5677ce786d22f35adfedbedc63751d2%2F17762484869054907174&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdgsp8j3kwf525agsdsesd8s0tfxhs3k2hkh147nghx09gd7bd88pat0ghpt5eec8247n2shaefz83nndch1tf8rtbp2xqg6sfw3gf9d38brk42ejctadj7vbnwg0dpp25r36850khrcn6d7npm0cx08cakkjgks5f738een5h6jbkrvd8hw1rhbzgfmntr9bawcnnbfagvczpsafca4hgzkrj2p3d2ejkh8a8fw13pbyaccwpqedngewejr57pp8v3gm600ryah6zh22n0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f8be776bb6f0eecc7b93adfb31fa4d8315fd0e330f7200096e95d2f0c03fc5b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 149310
cf-polished: origFmt=png, origSize=67872
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38710
cf-bgj: imgq:85,h2pri
last-modified: Fri, 06 Jan 2023 08:27:02 GMT
server: cloudflare
etag: "f60deb3b96f860a5fa5cc09a031a8ff3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orpJgwyzX8ROOMwGAd7U8jIgZwRnkeG7mfbMJ%2FFLl0N4N6GE3%2F8sEyE9yjjYb%2Ftbd%2B53NxXjV%2F0cUNhuZGvcNlFnKlcbUb7Z05WMPePwOG99fjXShF56DxxFM5RgpprbBWh5d7lZALYcc5JP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7865207b19122a2f-CDG
expires: Mon, 09 Jan 2023 13:02:19 GMT

GET
H2 200 682EF27803907DEF4A7D6F4B531C5FB01122583E58BF8BC265EC15F3A4ABBF24444BE11A20E609FBED3CC727EBDE003141FFE1A18109C61B0E937F051C690805
assets.ad4m.at/product_image/ Frame 3FD4 32 KB
33 KB 63ms
59ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/682EF27803907DEF4A7D6F4B531C5FB01122583E58BF8BC265EC15F3A4ABBF24444BE11A20E609FBED3CC727EBDE003141FFE1A18109C61B0E937F051C690805
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=f5677ce786d22f35adfedbedc63751d2%2F17762484869054907174&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdgsp8j3kwf525agsdsesd8s0tfxhs3k2hkh147nghx09gd7bd88pat0ghpt5eec8247n2shaefz83nndch1tf8rtbp2xqg6sfw3gf9d38brk42ejctadj7vbnwg0dpp25r36850khrcn6d7npm0cx08cakkjgks5f738een5h6jbkrvd8hw1rhbzgfmntr9bawcnnbfagvczpsafca4hgzkrj2p3d2ejkh8a8fw13pbyaccwpqedngewejr57pp8v3gm600ryah6zh22n0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f0a67600a8b8939e9b77975ed81760e162bbb2a8b31d1e2ccd43390c64567ce

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240931
cf-polished: qual=85, origFmt=jpeg, origSize=70786
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33146
cf-bgj: imgq:85,h2pri
last-modified: Mon, 26 Sep 2022 08:21:55 GMT
server: cloudflare
etag: "d12e82ddee56e919d3da44d0bff8d019"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMKvzt9Hi6X8TN%2FqBD1RovSh9K8hRJ09KI6b4NObaZNmIlDZ5M1Jd4FOFuXDCF89u4LslgXXvBzC1ViQ4Mr5Z3GoasPse%2Fpzf5bn2EqBm0WOQDUv73QU66YJ1IpAl4eq3P3ecXh4lvdx4MXQ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7865207b19192a2f-CDG
expires: Mon, 09 Jan 2023 13:02:19 GMT

GET
H/1.1 200
OK trk.php
action.metaffiliation.com/ Frame 3FD4 43 B
2 KB 124ms
39ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://action.metaffiliation.com/trk.php?taff=P511C7956C863199&argsite=oneidE1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7oneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=f5677ce786d22f35adfedbedc63751d2%2F17762484869054907174&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdgsp8j3kwf525agsdsesd8s0tfxhs3k2hkh147nghx09gd7bd88pat0ghpt5eec8247n2shaefz83nndch1tf8rtbp2xqg6sfw3gf9d38brk42ejctadj7vbnwg0dpp25r36850khrcn6d7npm0cx08cakkjgks5f738een5h6jbkrvd8hw1rhbzgfmntr9bawcnnbfagvczpsafca4hgzkrj2p3d2ejkh8a8fw13pbyaccwpqedngewejr57pp8v3gm600ryah6zh22n0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: front.netaffiliation.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.010603904724121
Connection: close
X-TRK-PROC: 72825
Pragma: no-cache
X-TRK-SRV: 5
Server: nginx
Last-Modified: Sun, 08 Jan 2023 13:02:19 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
assets.ad4m.at/logo/ Frame 3FD4 14 KB
15 KB 61ms
58ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=f5677ce786d22f35adfedbedc63751d2%2F17762484869054907174&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdgsp8j3kwf525agsdsesd8s0tfxhs3k2hkh147nghx09gd7bd88pat0ghpt5eec8247n2shaefz83nndch1tf8rtbp2xqg6sfw3gf9d38brk42ejctadj7vbnwg0dpp25r36850khrcn6d7npm0cx08cakkjgks5f738een5h6jbkrvd8hw1rhbzgfmntr9bawcnnbfagvczpsafca4hgzkrj2p3d2ejkh8a8fw13pbyaccwpqedngewejr57pp8v3gm600ryah6zh22n0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1500548
cf-polished: qual=85, origFmt=jpeg, origSize=19949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14750
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Jan 2020 09:30:38 GMT
server: cloudflare
etag: "154fb66239e650cf2764a96b35f0d921"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNIJhrT66GyFX6WyOYgNwIPnA3KFvetGnqg7LVkQooAZO4C90ibG5QiklpSfRlIU%2BIn5yDkKgwyK2F48SDWCsYC1QkkLG%2BFcvgAKFULqbShzGaHQTBg%2FTyex7qcve17UrXzcXWh2M6yx1FYb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7865207b191f2a2f-CDG
expires: Mon, 09 Jan 2023 13:02:19 GMT

GET
H2 200 F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
assets.ad4m.at/ Frame 3FD4 274 KB
275 KB 61ms
58ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=f5677ce786d22f35adfedbedc63751d2%2F17762484869054907174&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdgsp8j3kwf525agsdsesd8s0tfxhs3k2hkh147nghx09gd7bd88pat0ghpt5eec8247n2shaefz83nndch1tf8rtbp2xqg6sfw3gf9d38brk42ejctadj7vbnwg0dpp25r36850khrcn6d7npm0cx08cakkjgks5f738een5h6jbkrvd8hw1rhbzgfmntr9bawcnnbfagvczpsafca4hgzkrj2p3d2ejkh8a8fw13pbyaccwpqedngewejr57pp8v3gm600ryah6zh22n0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2392725
cf-polished: origFmt=png, origSize=547949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280758
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Jan 2020 15:34:15 GMT
server: cloudflare
etag: "f649a1d1393c254187d15397a3ff891b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=do3k2uUTdiPB7yVm0LG28cFPAwMj9VjZfG3kmuAWyEqJGbuE1v3woaEFAWZtwiQpJAwAbeoIPL7QBzC6BL%2BY%2BXWZcxfXa%2FCtDlxTPgjTtx7wbSeoTmYtElxlov%2BQqK1NpVFDGaLgwcgwEeM6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7865207b19202a2f-CDG
expires: Mon, 09 Jan 2023 13:02:19 GMT

GET
H2

200

img_13_13_23.gif
img.metaffiliation.com/4/58179/ Frame 3FD4
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

133 KB
133 KB

123ms
19ms

Image
image/gif

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=f5677ce786d22f35adfedbedc63751d2%2F17762484869054907174&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdgsp8j3kwf525agsdsesd8s0tfxhs3k2hkh147nghx09gd7bd88pat0ghpt5eec8247n2shaefz83nndch1tf8rtbp2xqg6sfw3gf9d38brk42ejctadj7vbnwg0dpp25r36850khrcn6d7npm0cx08cakkjgks5f738een5h6jbkrvd8hw1rhbzgfmntr9bawcnnbfagvczpsafca4hgzkrj2p3d2ejkh8a8fw13pbyaccwpqedngewejr57pp8v3gm600ryah6zh22n0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F7F) /
Resource Hash: 66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 14:04:52 GMT
server: ECAcc (paa/6F7F)
age: 747
etag: "5e15e184-21403"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135736

Redirect headers

Date: Sun, 08 Jan 2023 13:02:19 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.012253999710083
Connection: close
X-TRK-PROC: 58179
Pragma: no-cache
X-TRK-SRV: 3
Server: nginx
Last-Modified: Sun, 08 Jan 2023 13:02:19 GMT
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 F84EA2ECD0EDF7912C63A39BFF656E79225A5A767C41841B4581F55D7AD5CC01B9A2D4A64CF89E66634000AD848B977726E9B3065AED9DA60660528B03380FFC
assets.ad4m.at/logo/ Frame 3FD4 3 KB
4 KB 61ms
58ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F84EA2ECD0EDF7912C63A39BFF656E79225A5A767C41841B4581F55D7AD5CC01B9A2D4A64CF89E66634000AD848B977726E9B3065AED9DA60660528B03380FFC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=f5677ce786d22f35adfedbedc63751d2%2F17762484869054907174&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdgsp8j3kwf525agsdsesd8s0tfxhs3k2hkh147nghx09gd7bd88pat0ghpt5eec8247n2shaefz83nndch1tf8rtbp2xqg6sfw3gf9d38brk42ejctadj7vbnwg0dpp25r36850khrcn6d7npm0cx08cakkjgks5f738een5h6jbkrvd8hw1rhbzgfmntr9bawcnnbfagvczpsafca4hgzkrj2p3d2ejkh8a8fw13pbyaccwpqedngewejr57pp8v3gm600ryah6zh22n0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 748364f1f50cac3f0ec54988c550350e3e7459ce1989bb86de58475b748f9040

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 236759
cf-polished: qual=85, origFmt=jpeg, origSize=4898
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Dec 2021 15:58:56 GMT
server: cloudflare
etag: "d8ca3dd15c3da4aadfb68f4e93166a35"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jm6qlFQ1WGcW22QlFZ2EYLgV%2BBzfIWk85SVrU4O90VtpdgtxYR9XuPiuU%2FaXTiNS6WU90L7H0YCnUzpQwn1%2FwPPFoJqY6nvg2aqjI9eB%2FdahdDMdETMmrIMN4ba6Zm8I9XcsWLxY%2FQzhp8TT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7865207b19222a2f-CDG
expires: Mon, 09 Jan 2023 13:02:19 GMT

GET
H2 200 12C5144EC313322E1D2EBC8318BECFCB95FF3BF90A61F48FEF3239B2642CFA8E3579CAFB53CE4A3316D67DAF216332653A88840C75671C913E1D6108AEF20EE6
assets.ad4m.at/product_image/ Frame 3FD4 74 KB
75 KB 60ms
57ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/12C5144EC313322E1D2EBC8318BECFCB95FF3BF90A61F48FEF3239B2642CFA8E3579CAFB53CE4A3316D67DAF216332653A88840C75671C913E1D6108AEF20EE6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=f5677ce786d22f35adfedbedc63751d2%2F17762484869054907174&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdgsp8j3kwf525agsdsesd8s0tfxhs3k2hkh147nghx09gd7bd88pat0ghpt5eec8247n2shaefz83nndch1tf8rtbp2xqg6sfw3gf9d38brk42ejctadj7vbnwg0dpp25r36850khrcn6d7npm0cx08cakkjgks5f738een5h6jbkrvd8hw1rhbzgfmntr9bawcnnbfagvczpsafca4hgzkrj2p3d2ejkh8a8fw13pbyaccwpqedngewejr57pp8v3gm600ryah6zh22n0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58b21b86b642c10803f18145aa48372dff97f81abb8645163243d46b7428ea60

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2177530
cf-polished: degrade=85, origSize=169531, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75920
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Dec 2021 16:04:19 GMT
server: cloudflare
etag: "7c9f4b508408665550d5e76e2d31406d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGe1DmIQaeX2k4GRz3neng3uZv2FYqjKbwSC3k1%2B1s8heu3F9fOmNnp1j7rC9bgMWe5vVkdz0JMb57fLSlpAvhw5yTuG%2FUvJsQsFHJ648TAguMuRr5BDEgjI9rnLgEN8gxXze2GQuLFgaVJQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7865207b19242a2f-CDG
expires: Mon, 09 Jan 2023 13:02:19 GMT

GET
H2

200

img_11_7_24.gif
img.metaffiliation.com/1/48959/ Frame 3FD4
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4BF3F56C8631B7&argsite=oneidR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7oneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/1/48959/img_11_7_24.gif

33 KB
32 KB

145ms
73ms

Image
image/gif

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/1/48959/img_11_7_24.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=f5677ce786d22f35adfedbedc63751d2%2F17762484869054907174&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdgsp8j3kwf525agsdsesd8s0tfxhs3k2hkh147nghx09gd7bd88pat0ghpt5eec8247n2shaefz83nndch1tf8rtbp2xqg6sfw3gf9d38brk42ejctadj7vbnwg0dpp25r36850khrcn6d7npm0cx08cakkjgks5f738een5h6jbkrvd8hw1rhbzgfmntr9bawcnnbfagvczpsafca4hgzkrj2p3d2ejkh8a8fw13pbyaccwpqedngewejr57pp8v3gm600ryah6zh22n0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cro2b66Y_H1JoP9zAbRo4fYD-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9Aw0Og3QMsLFtGV2ojhyVpOJ6Cal8UljdZgRyXcxGfdt8fdxAkcs1bVUj-5advS_Fo5cvhpbv34jfMH17_z5z-0XwkndlpBqNV_wgue2mgzmnlu8zeCs9T_D2dTAjGoB5LwT-LsdBdAmPssj3Ztl9nuq6GgqtVi-2OlRton_d-qmCCVV-ztQutNwYL23sJ86DjtD-MzOZ4PO_w5a4AQz3cTHgieRHyODeCNqZKR9W4etKZ1vmRRe8Za_c7Rbjp8sicqZM7nUYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3MFEBX8c21pLTpHl9rtrWeOhdXOw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F1D) /
Resource Hash: 46389b3abd1c6df598fe1c191687b87f355facf00dde6cd1238ac76d40f12ec2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
content-encoding: gzip
last-modified: Fri, 23 Dec 2016 14:54:01 GMT
server: ECAcc (paa/6F1D)
age: 2025
etag: "585d3a89-8546"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32287

Redirect headers

Date: Sun, 08 Jan 2023 13:02:19 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.018182039260864
Connection: close
X-TRK-PROC: 48959
Pragma: no-cache
X-TRK-SRV: 2
Server: nginx
Last-Modified: Sun, 08 Jan 2023 13:02:19 GMT
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://img.metaffiliation.com/1/48959/img_11_7_24.gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame C17B 89 KB
11 KB 41ms
41ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=2617a8664347670d910bdc57e9b1c5d4%2F12367089708772380523&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939226&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfnspbj050wjaa5pvkqe6cap5546n3yk5v1yaexg6vpvbry6vw34vxww4a540vkb628cqmpp1931wvt9bzn3f49vk4pcx7xk299z06qj2z1r49tv9q8mwfw19jeb14qnjmme14zqg8mx08nbmb27y5fmrq8ka2av1968cjxqm136gbjen81jhyyaz34z1pbgdz0qdgdmjpb6w0b6e64bvch5106rzhjykwh9kdvjfcbecctbg0vzg6tpstfcszfqbe0kjgzsh7j5vjw9310%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=2617a8664347670d910bdc57e9b1c5d4%2F12367089708772380523&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939226&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfnspbj050wjaa5pvkqe6cap5546n3yk5v1yaexg6vpvbry6vw34vxww4a540vkb628cqmpp1931wvt9bzn3f49vk4pcx7xk299z06qj2z1r49tv9q8mwfw19jeb14qnjmme14zqg8mx08nbmb27y5fmrq8ka2av1968cjxqm136gbjen81jhyyaz34z1pbgdz0qdgdmjpb6w0b6e64bvch5106rzhjykwh9kdvjfcbecctbg0vzg6tpstfcszfqbe0kjgzsh7j5vjw9310%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 300406
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6igitB2x2xQEq%2BLMZ1BDoAdqLjer%2FK6ebTtxuHLRlL259tMjv3brob9B%2F5n0Pb4LcORKyq8%2F9FJAgBOJRLlULyhhPk1YPcI4qz56lBKCX3RppEhNODr4s4%2BFjpzStiunm7%2Bl0OTI8Q%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7865207b08262a3b-CDG
expires: Sun, 08 Jan 2023 14:02:19 GMT

GET
H2 200 ABA454A7AE847CFAF7318F28F6EA3F7546C9722EB5B52A244400AEF3C61315ECE97466A5C2C7672CB9A0279AD7D7B01E1FC2930474D249F9B12938527CA87354
assets.ad4m.at/logo/ Frame C17B 38 KB
38 KB 46ms
42ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/ABA454A7AE847CFAF7318F28F6EA3F7546C9722EB5B52A244400AEF3C61315ECE97466A5C2C7672CB9A0279AD7D7B01E1FC2930474D249F9B12938527CA87354
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=2617a8664347670d910bdc57e9b1c5d4%2F12367089708772380523&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939226&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfnspbj050wjaa5pvkqe6cap5546n3yk5v1yaexg6vpvbry6vw34vxww4a540vkb628cqmpp1931wvt9bzn3f49vk4pcx7xk299z06qj2z1r49tv9q8mwfw19jeb14qnjmme14zqg8mx08nbmb27y5fmrq8ka2av1968cjxqm136gbjen81jhyyaz34z1pbgdz0qdgdmjpb6w0b6e64bvch5106rzhjykwh9kdvjfcbecctbg0vzg6tpstfcszfqbe0kjgzsh7j5vjw9310%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f8be776bb6f0eecc7b93adfb31fa4d8315fd0e330f7200096e95d2f0c03fc5b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 149310
cf-polished: origFmt=png, origSize=67872
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38710
cf-bgj: imgq:85,h2pri
last-modified: Fri, 06 Jan 2023 08:27:02 GMT
server: cloudflare
etag: "f60deb3b96f860a5fa5cc09a031a8ff3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfkqJwvX0W7EgIVSO1SKBXGAcvT6UilBJ%2BaFvN5v1B%2FxYb1BlW3aFbC1joO%2F570PHITaCKkiHAWsmx4OEsNFi8ave%2Bs0khzk7auxdjC66G2%2BWQQZBn9PSiQImLrup%2BdEpWizA4ko74EYltKA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7865207b19132a2f-CDG
expires: Mon, 09 Jan 2023 13:02:19 GMT

GET
H2 200 682EF27803907DEF4A7D6F4B531C5FB01122583E58BF8BC265EC15F3A4ABBF24444BE11A20E609FBED3CC727EBDE003141FFE1A18109C61B0E937F051C690805
assets.ad4m.at/product_image/ Frame C17B 32 KB
33 KB 59ms
57ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/682EF27803907DEF4A7D6F4B531C5FB01122583E58BF8BC265EC15F3A4ABBF24444BE11A20E609FBED3CC727EBDE003141FFE1A18109C61B0E937F051C690805
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=2617a8664347670d910bdc57e9b1c5d4%2F12367089708772380523&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939226&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfnspbj050wjaa5pvkqe6cap5546n3yk5v1yaexg6vpvbry6vw34vxww4a540vkb628cqmpp1931wvt9bzn3f49vk4pcx7xk299z06qj2z1r49tv9q8mwfw19jeb14qnjmme14zqg8mx08nbmb27y5fmrq8ka2av1968cjxqm136gbjen81jhyyaz34z1pbgdz0qdgdmjpb6w0b6e64bvch5106rzhjykwh9kdvjfcbecctbg0vzg6tpstfcszfqbe0kjgzsh7j5vjw9310%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f0a67600a8b8939e9b77975ed81760e162bbb2a8b31d1e2ccd43390c64567ce

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240931
cf-polished: qual=85, origFmt=jpeg, origSize=70786
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33146
cf-bgj: imgq:85,h2pri
last-modified: Mon, 26 Sep 2022 08:21:55 GMT
server: cloudflare
etag: "d12e82ddee56e919d3da44d0bff8d019"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MC0wUbHGbZbkxCxMqxNzIr6LRBh98ysj3FlTp%2Bv4U4YKCsMxg7h79fOwbvviLjQeyUlYFi83GmYxpirpkjnM5HQidUqmp6ypmfRe%2Br4jYu3d0nz7rfz2DI8qzquwqBmcbeHZSvinyiFirZEG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7865207b19252a2f-CDG
expires: Mon, 09 Jan 2023 13:02:19 GMT

GET
H/1.1 200
OK trk.php
action.metaffiliation.com/ Frame C17B 43 B
2 KB 196ms
107ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://action.metaffiliation.com/trk.php?taff=P511C7956C863199&argsite=oneidE1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7oneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=2617a8664347670d910bdc57e9b1c5d4%2F12367089708772380523&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939226&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfnspbj050wjaa5pvkqe6cap5546n3yk5v1yaexg6vpvbry6vw34vxww4a540vkb628cqmpp1931wvt9bzn3f49vk4pcx7xk299z06qj2z1r49tv9q8mwfw19jeb14qnjmme14zqg8mx08nbmb27y5fmrq8ka2av1968cjxqm136gbjen81jhyyaz34z1pbgdz0qdgdmjpb6w0b6e64bvch5106rzhjykwh9kdvjfcbecctbg0vzg6tpstfcszfqbe0kjgzsh7j5vjw9310%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: front.netaffiliation.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 13:02:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.031316995620728
Connection: close
X-TRK-PROC: 72825
Pragma: no-cache
X-TRK-SRV: 6
Server: nginx
Last-Modified: Sun, 08 Jan 2023 13:02:19 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
assets.ad4m.at/logo/ Frame C17B 14 KB
15 KB 58ms
56ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=2617a8664347670d910bdc57e9b1c5d4%2F12367089708772380523&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939226&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfnspbj050wjaa5pvkqe6cap5546n3yk5v1yaexg6vpvbry6vw34vxww4a540vkb628cqmpp1931wvt9bzn3f49vk4pcx7xk299z06qj2z1r49tv9q8mwfw19jeb14qnjmme14zqg8mx08nbmb27y5fmrq8ka2av1968cjxqm136gbjen81jhyyaz34z1pbgdz0qdgdmjpb6w0b6e64bvch5106rzhjykwh9kdvjfcbecctbg0vzg6tpstfcszfqbe0kjgzsh7j5vjw9310%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1500548
cf-polished: qual=85, origFmt=jpeg, origSize=19949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14750
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Jan 2020 09:30:38 GMT
server: cloudflare
etag: "154fb66239e650cf2764a96b35f0d921"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2BxbtIQHEnS3EKEqouYAK7Cf2o0cqZnseUoEH2vKnIuCSj2jlVVLfI9OJCnbtZRLi89oa1OU0RoSthn0%2B0Wft5OD0XSNL4PrP72voocR1YaYLYmnmRPOV76tE9Li%2FAA2SFJhqA77R2NTsKr3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7865207b19282a2f-CDG
expires: Mon, 09 Jan 2023 13:02:19 GMT

GET
H2 200 F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
assets.ad4m.at/ Frame C17B 274 KB
275 KB 61ms
59ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=2617a8664347670d910bdc57e9b1c5d4%2F12367089708772380523&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939226&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfnspbj050wjaa5pvkqe6cap5546n3yk5v1yaexg6vpvbry6vw34vxww4a540vkb628cqmpp1931wvt9bzn3f49vk4pcx7xk299z06qj2z1r49tv9q8mwfw19jeb14qnjmme14zqg8mx08nbmb27y5fmrq8ka2av1968cjxqm136gbjen81jhyyaz34z1pbgdz0qdgdmjpb6w0b6e64bvch5106rzhjykwh9kdvjfcbecctbg0vzg6tpstfcszfqbe0kjgzsh7j5vjw9310%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2392725
cf-polished: origFmt=png, origSize=547949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280758
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Jan 2020 15:34:15 GMT
server: cloudflare
etag: "f649a1d1393c254187d15397a3ff891b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhwyvxKFYtoGcga4j2Qbq9uL10%2BzWk3WPGwrKTmpb5l8oBLA3EonemhVxR1q4wgbFuoLbkMomXQUeL1jdpDs29NimFK5XuKgBU%2BpFtoCA9ha%2B2bl2A6z%2BiK0QN8fJ2zcQ8b97JoQ35NXIxSa"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7865207b19292a2f-CDG
expires: Mon, 09 Jan 2023 13:02:19 GMT

GET
H2

200

img_13_13_23.gif
img.metaffiliation.com/4/58179/ Frame C17B
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

133 KB
133 KB

159ms
56ms

Image
image/gif

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=2617a8664347670d910bdc57e9b1c5d4%2F12367089708772380523&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939226&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfnspbj050wjaa5pvkqe6cap5546n3yk5v1yaexg6vpvbry6vw34vxww4a540vkb628cqmpp1931wvt9bzn3f49vk4pcx7xk299z06qj2z1r49tv9q8mwfw19jeb14qnjmme14zqg8mx08nbmb27y5fmrq8ka2av1968cjxqm136gbjen81jhyyaz34z1pbgdz0qdgdmjpb6w0b6e64bvch5106rzhjykwh9kdvjfcbecctbg0vzg6tpstfcszfqbe0kjgzsh7j5vjw9310%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F7F) /
Resource Hash: 66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 14:04:52 GMT
server: ECAcc (paa/6F7F)
age: 747
etag: "5e15e184-21403"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135736

Redirect headers

Date: Sun, 08 Jan 2023 13:02:19 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.008289098739624
Connection: close
X-TRK-PROC: 58179
Pragma: no-cache
X-TRK-SRV: 4
Server: nginx
Last-Modified: Sun, 08 Jan 2023 13:02:19 GMT
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 F84EA2ECD0EDF7912C63A39BFF656E79225A5A767C41841B4581F55D7AD5CC01B9A2D4A64CF89E66634000AD848B977726E9B3065AED9DA60660528B03380FFC
assets.ad4m.at/logo/ Frame C17B 3 KB
4 KB 63ms
61ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F84EA2ECD0EDF7912C63A39BFF656E79225A5A767C41841B4581F55D7AD5CC01B9A2D4A64CF89E66634000AD848B977726E9B3065AED9DA60660528B03380FFC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=2617a8664347670d910bdc57e9b1c5d4%2F12367089708772380523&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939226&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfnspbj050wjaa5pvkqe6cap5546n3yk5v1yaexg6vpvbry6vw34vxww4a540vkb628cqmpp1931wvt9bzn3f49vk4pcx7xk299z06qj2z1r49tv9q8mwfw19jeb14qnjmme14zqg8mx08nbmb27y5fmrq8ka2av1968cjxqm136gbjen81jhyyaz34z1pbgdz0qdgdmjpb6w0b6e64bvch5106rzhjykwh9kdvjfcbecctbg0vzg6tpstfcszfqbe0kjgzsh7j5vjw9310%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 748364f1f50cac3f0ec54988c550350e3e7459ce1989bb86de58475b748f9040

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 236759
cf-polished: qual=85, origFmt=jpeg, origSize=4898
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Dec 2021 15:58:56 GMT
server: cloudflare
etag: "d8ca3dd15c3da4aadfb68f4e93166a35"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pY5jYt3w5xXqCigHEn8wom0pimClzBVlHcCt6NHI0ynz52SZQeZMc1ko6%2BGP2VY689JIG4g%2BOAcqgNjzHC0ECbOkSrfYv%2BhYtjWzfnlkjyl%2BzCEYnH0D2B4RdA8F%2FBFERsxHtkjUz%2BVlIzQ2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7865207b39462a2f-CDG
expires: Mon, 09 Jan 2023 13:02:19 GMT

GET
H2 200 12C5144EC313322E1D2EBC8318BECFCB95FF3BF90A61F48FEF3239B2642CFA8E3579CAFB53CE4A3316D67DAF216332653A88840C75671C913E1D6108AEF20EE6
assets.ad4m.at/product_image/ Frame C17B 74 KB
75 KB 62ms
61ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/12C5144EC313322E1D2EBC8318BECFCB95FF3BF90A61F48FEF3239B2642CFA8E3579CAFB53CE4A3316D67DAF216332653A88840C75671C913E1D6108AEF20EE6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=2617a8664347670d910bdc57e9b1c5d4%2F12367089708772380523&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939226&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfnspbj050wjaa5pvkqe6cap5546n3yk5v1yaexg6vpvbry6vw34vxww4a540vkb628cqmpp1931wvt9bzn3f49vk4pcx7xk299z06qj2z1r49tv9q8mwfw19jeb14qnjmme14zqg8mx08nbmb27y5fmrq8ka2av1968cjxqm136gbjen81jhyyaz34z1pbgdz0qdgdmjpb6w0b6e64bvch5106rzhjykwh9kdvjfcbecctbg0vzg6tpstfcszfqbe0kjgzsh7j5vjw9310%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58b21b86b642c10803f18145aa48372dff97f81abb8645163243d46b7428ea60

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2177530
cf-polished: degrade=85, origSize=169531, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75920
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Dec 2021 16:04:19 GMT
server: cloudflare
etag: "7c9f4b508408665550d5e76e2d31406d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMKKLRdHO0d1JS6J2CPRAeqMOdQte2rzw2DiNdDJWRl7TqEDolR4IgEg%2FiVDT7L3NuT0VpmE37kqeH7pC5wTKe35NsPbNHYx4%2BHuUINfyFSFqk8kvOsw0R92hjC7YmnK08UFRqoa3jhyVdMb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7865207b39482a2f-CDG
expires: Mon, 09 Jan 2023 13:02:19 GMT

GET
H2

200

img_11_7_24.gif
img.metaffiliation.com/1/48959/ Frame C17B
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4BF3F56C8631B7&argsite=oneidR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7oneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/1/48959/img_11_7_24.gif

33 KB
32 KB

134ms
20ms

Image
image/gif

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/1/48959/img_11_7_24.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=324710%2C15737%2C175364&b=E1mhDfXGSVKpGazHAHjt4tPqpdSqTVTZAAs7%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGjJAukHwH3tQtw2K5SwTzTmqqH7&f=ARKHYfdBaRDqrhAHRH4tMCxe9ba7T4TDVVU9%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP2mdtxH5HYt9CbqMRTDT4T5qqaV&c=728&d=90&e=&g=2617a8664347670d910bdc57e9b1c5d4%2F12367089708772380523&i=112218%2C2951%2C71050&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1673182939226&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfnspbj050wjaa5pvkqe6cap5546n3yk5v1yaexg6vpvbry6vw34vxww4a540vkb628cqmpp1931wvt9bzn3f49vk4pcx7xk299z06qj2z1r49tv9q8mwfw19jeb14qnjmme14zqg8mx08nbmb27y5fmrq8ka2av1968cjxqm136gbjen81jhyyaz34z1pbgdz0qdgdmjpb6w0b6e64bvch5106rzhjykwh9kdvjfcbecctbg0vzg6tpstfcszfqbe0kjgzsh7j5vjw9310%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwQF2b66Y5flJ7WY7APIlbPwDuLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCPJNFBMrbsT6oAwGqBMcBT9BzRLpl-7_EfFudQLZe8ChI5NmxtWIwpRhgOxZnhB1p-OFwGn7pn_AoYcuH7Q60ENOMSSLy7TiwF29tTtcknUGtxD4ShSeEHRLi0Ga58rzy64UMOMuK_Mg7bBVDFRCXTz46ihHzrPaYorO0W_6dQZeqJW8NoyysnaSSTOYl2VfRCpiFAJwZstDKoouuTRmELX-xJlxFcWka5DMQrS-8x5jlX5NDMhvPZDsOMZpFAhdSeJO8TD5WACpC-ZcfTraFA7NjVZK8YYAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1kQhr5-C7pslQKbD-7ZGR7XyatzA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F1D) /
Resource Hash: 46389b3abd1c6df598fe1c191687b87f355facf00dde6cd1238ac76d40f12ec2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
content-encoding: gzip
last-modified: Fri, 23 Dec 2016 14:54:01 GMT
server: ECAcc (paa/6F1D)
age: 2025
etag: "585d3a89-8546"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32287

Redirect headers

Date: Sun, 08 Jan 2023 13:02:19 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.007767915725708
Connection: close
X-TRK-PROC: 48959
Pragma: no-cache
X-TRK-SRV: 3
Server: nginx
Last-Modified: Sun, 08 Jan 2023 13:02:19 GMT
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://img.metaffiliation.com/1/48959/img_11_7_24.gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7DC4 13 KB
5 KB 42ms
42ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngconsulate.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 1257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 12:41:22 GMT
expires: Mon, 08 Jan 2024 12:41:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B898 783 B
534 B 42ms
42ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

66d8a33085658d15722a6b942de4a1383a87e726f662ee4f89b39c965fe6c1ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9RmaT0VteL98S_xMETx-vA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ngconsulate.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-9RmaT0VteL98S_xMETx-vA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 13:02:19 GMT
expires: Sun, 08 Jan 2023 13:02:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B898 0
0 132ms
131ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230104&jk=583746623998704&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7DC4 36 KB
16 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 12:39:09 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7DC4 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WYHndw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 92D8 42 B
64 B 131ms
130ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAT6gubLz62Kltu8SSIYqvZGESoPlPLMqngYGNrX4ONxZO5NWp5Pip_B65kefm0XnCGrezhn33G8a7hw2ZC37UexHCA8XxIRDBnwy4sbA3qns5V8U2dd5gVzGM5fX1X1l9hQp5_A&sai=AMfl-YROqOaSgqn3aVGK1eku_nQhfxkiZEi7-Mso809MCJMMYj7k1-aaIPGuHoE_kzoiEfSHs0PR5QVa6lJbo68&sig=Cg0ArKJSzH5eNpw4xDG9EAE&cid=CAQSGwDq26N9HJf8A0zkpMzMM4ednJShIyylrpzfkhgBIBM&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1213588912&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673182936514&rpt=2153&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 331C 42 B
64 B 132ms
132ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsue4BZD3sTNUXUxIUuFEmu3ZI56B968ZW8ouLocNwkWmKBUmTVfhOt96n1_mvGC-RV1RXLYX3cERZuKBjg22rcHEmZISKBcML_0o4vqcrG1rCC6UusO09dBSjfcDEKkI7e0L7q2Nw&sai=AMfl-YRjOI31RQW6iPpxcUenwWrVG_O1HWFOzhh9mNb9BChwp_YhUE7S6SfOLz3oaUudf-5v0K-oMc8Qh6nGwx0&sig=Cg0ArKJSzI6LEuo3HxixEAE&cid=CAQSGwDq26N9z0Xkuo58d7XK6HOQrRw64f7FWdK4nBgBIBM&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673182937724&rpt=1063&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 13:02:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 132ms
132ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230104&jk=583746623998704&bg=!xcalxoLNAAYDMoyoIzI7ACkAdvg8Wibs-YWGbKKxoSypHJE-pY0zEXKwnlAi1PeUNNBGo5fJ3Ew2LAIAAABvUgAAAAJoAQcKAJGfSFTo_mF5Aswl5adg4LBcTxvZ7an-XpiD8rlZES607XjXxy83CCyASWw3L1mZOEUvb6FqgoufDxw7yI5eYnZYZl8GAIEt9Iay0YPqT8e_kF6nUTlyNEXUzaGaCOFuvwrSkFfPC7MITTdokRqTEenh0NiePKfjsQ46JwcVJCpVqvw6PZSU60pdysOZEofJ12VfmQKiqbbTugNgWZuQCUWZKz70-g6-olraIntd54zhNE9wRTvriFle9BBqlfGUiwyVU068qFrqPBm3fLgTo8q1j1y6XmjLqIEfi-XNkVC--k0_Ab7aE1vPEeed3zuJgm3NAhVe9uMuPLFCDuhEgaLmrO-K2ZJr34-hLckb3enlX6xOlQzHgiq7yb6b0REHX2CNrlfpaCKBcOh6p3nldRHbTtQhXatEjMgf-8b89z4vrT8qxEYE0xJdXI-Onxgvrt0SsBuSV0JNwukWYQ4TkZJuwK3612wNvly7B5GskXY2HhuipjpKv2c0VulNtW9PI4yySFQwjay_AJTHryo1FbeYRWuTWhRY3q1a6RB6SByPEUpvKqVTMKEtuhQ6wtp_qZhhpEbd-xcuIgr79Mzukzwf21GAOPoEjMNZfCfNKWOTOb9WUNpNMldGZ88vr1-T193YA5NZsCdO8Pd07Ll3iE8RTv6AAc60P2WdkGBfwvNAOMyW1KvfQurZu9omFtnutdUVWNliee8_wzntcwzDHxYWfir71IzrMqRfEoB-Yr292iOa81ETg63CTEdtu0fh7RQuNtJhveaXb3ZieQszs1V-GdsdAd80KbLtZnfhkC2J3yBeqjxfA5tG9wHsBimutmB0wPaLAsg8y12XqjVZ2eU0lC6XpoIc8031Llmwy3RkgfwjdEc9yR1KTn1zGncUTWrV-JPlVs5-M87rqTcQdGkjR3Nf7oRaX8vkW-kN_QRKnveMOrsnZ2qw8vVha371iea_IdWPn3rI9MhRBwFMnv9Vy1c2bDyi4I_1PeYbosDsfQOdgFzJi7HsAdIPzl74nsDdIPDFKhZBlU78gxWbBkdaF92h0c9BnzcsVscyzLuY1nxadVnDHV61Lz3z3vY61igN8gb_YVg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngconsulate.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ngconsulate.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 65373db68057a0a886ce450eb67393d6
.ngconsulate.info/	1970-01-20 18:22:22	Name: _ga_899ZSPX9TL Value: GS1.1.1673182936.1.0.1673182936.0.0.0
.ngconsulate.info/	1970-01-20 18:22:22	Name: _ga Value: GA1.1.1854583625.1673182936
.ngconsulate.info/	1970-01-20 18:07:58	Name: __gads Value: ID=5f24f3ab54eea73f-2205bfbf31db00cd:T=1673182936:RT=1673182936:S=ALNI_MYA8NO-rCYUmg_FPa8Po5C49K3gLQ
.ngconsulate.info/	1970-01-20 18:07:58	Name: __gpi Value: UID=00000b9fadc4aabd:T=1673182936:RT=1673182936:S=ALNI_MYPQ-7zfohza9RgCUHaxT3gXMgFMw
.doubleclick.net/	1970-01-20 08:46:26	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 18:07:58	Name: IDE Value: AHWqTUkQCq0eeFyIKJipDV_llLgnkeL7Hl18Y9eMcQKxFYuppp40DlhMHu8GQ2YfVyM
.blismedia.com/	1970-01-20 17:32:02	Name: b Value: 63BABEDAE2728AE1517EA4D9BLIS
.adnxs.com/	1970-01-20 10:55:58	Name: uuid2 Value: 5109106643375949290
.simpli.fi/	1970-01-20 17:33:25	Name: suid Value: A5FDCCAC06824E0AA0938B253A16DB87
.casalemedia.com/	1970-01-20 17:31:58	Name: CMID Value: Y7q.2xBr1cXRACbFG4-XxAAA
.casalemedia.com/	1970-01-20 10:55:58	Name: CMPS Value: 5149
.casalemedia.com/	1970-01-20 10:55:58	Name: CMPRO Value: 5149
.yahoo.com/	1970-01-20 17:32:20	Name: A3 Value: d=AQABBNu-umMCEIGb6d__7Xyu6DlcxpR7bxsFEgEBAQEQvGPEYwAAAAAA_eMAAA&S=AQAAAvcGYQyeIz3wHGtvfqXFV_c
.mathtag.com/	1970-01-20 18:12:18	Name: uuid Value: e77563ba-bedb-4600-b4e2-00cb2e214cab
.mathtag.com/	1970-01-20 09:29:34	Name: mt_mop Value: 4:1673182939
.1rx.io/	1970-01-20 17:31:58	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-eabbfd51-1285-494d-866e-d1e291906b83-003%22%7D
.adform.net/	1970-01-20 09:31:01	Name: C Value: 1
.analytics.yahoo.com/	1970-01-20 17:31:58	Name: IDSYNC Value: 18yx~29b1
.everesttech.net/	1970-01-20 17:31:58	Name: everest_g_v2 Value: g_surferid~Y7q_2wAAAFZ88AAF
.casalemedia.com/	1970-01-20 10:55:58	Name: CMTS Value: 1110
.adform.net/	1970-01-20 10:12:46	Name: uid Value: 6701076443094327183
.targeting.unrulymedia.com/	1970-01-20 17:31:58	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-eabbfd51-1285-494d-866e-d1e291906b83-003%22%7D
.bidswitch.net/	1970-01-20 17:31:58	Name: c Value: 1673182939
.bidswitch.net/	1970-01-20 17:31:58	Name: tuuid_lu Value: 1673182939
.bidswitch.net/	1970-01-20 17:31:58	Name: tuuid Value: 478f51d2-6943-4464-83dd-a6356f5e2a19
.ctnsnet.com/	1970-01-20 17:31:58	Name: gid_CAESEPxBEQ2-4oUNw8hRDBq4sgw Value: 1
.ctnsnet.com/	1970-01-20 17:31:58	Name: cid_56f223a3fb4c4d87b873b9e8eaaedb28 Value: 1
.turn.com/	1970-01-20 13:05:34	Name: uid Value: 3460138052912404936
.metaffiliation.com/	1970-01-20 10:12:46	Name: neta_ssc Value: f1c5f419695vrwcx054t4a093ul3
.metaffiliation.com/	1969-12-31 23:59:59	Name: netases_ssc Value: f1c5f419695vrwcx054t4a093ul3
.metaffiliation.com/	1970-01-20 10:12:46	Name: kwknc_ssc Value: dp511c7956c863199-b25laWRFMW1oRGZYR1NWS3BHYXpIQUhqdDR0UHFwZFNxVFZUWkFBczdvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNjFfVGVjaA%3D%3D
.metaffiliation.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp511c7956c863199-b25laWRFMW1oRGZYR1NWS3BHYXpIQUhqdDR0UHFwZFNxVFZUWkFBczdvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNjFfVGVjaA%3D%3D
.sportradarserving.com/	1970-01-20 17:31:58	Name: zuuid Value: 7134391e-c72e-4c78-b3bf-3af209869696
.sportradarserving.com/	1970-01-20 17:31:58	Name: c Value: 1673182939
.sportradarserving.com/	1970-01-20 17:31:58	Name: zuuid_lu Value: 1673182939
.sportradarserving.com/	1970-01-20 17:31:58	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 17:31:58	Name: zuuid_k_lu Value: 1673182939

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
action.metaffiliation.com
ad.turn.com
ad4m.at
adservice.google.com
adservice.google.fr
as.ad4m.at
assets.ad4m.at
c1.adform.net
cdn.ckeditor.com
cm.g.doubleclick.net
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
img.metaffiliation.com
match.adsrvr.org
ngconsulate.info
ngconsulate.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
prod-rtb.ad4mat.net
r.turn.com
region1.google-analytics.com
rtb.openx.net
secure.adnxs.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
ups.analytics.yahoo.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
103.72.77.63
142.250.186.34
151.101.130.49
172.64.154.237
18.198.46.54
185.29.132.241
192.229.220.129
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
205.234.175.175
213.19.147.45
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:811::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2004
2a00:1450:400d:806::2008
2a00:1450:400d:806::200a
2a00:1450:400d:808::2002
3.126.56.137
34.96.105.8
35.186.193.173
35.204.74.118
35.227.252.103
35.71.131.137
37.157.4.39
37.252.171.53
51.89.9.253
52.58.228.255
95.131.136.1
0a3bb1e382060c6999c26faac38aed7e3d6cc03f7376a9a36b881a7e5ba923ca
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d64fc88f3be38276c42484506ea81198c9c9d7d380352e260d469d8be84cef0
0eda6d7f70bbf8e6814f93a3c0f0258e7bda03da77d40b9ab4f225fdbf8883f9
1016d67757b734cb02c24695645c23f9601dbf9ffad0a5789e22c15a0f38bc63
14e8ff6d39adcaf4db1b200db29915a4a00744f27fd10614ef6f49949f534edc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
267a83092a5fd6ec5fb746bce12d440abd37f1d649c072f653e17d0c800eb647
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
2720f8bc6baad2b59197f46fc6f003ba6d8c7abc00996729306088848a2d50f2
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32c983a4b3b87d8f7eafa40840c8791351a593c869a3029d8b7356a8cf6d2a94
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3fab0dff5d79100c0c603a9089193256d0506d8a32c8ff383e2f972308d7f7e9
42e76a70e7cdd1f43248c4fb45f5210042e13bdbb62b2c4b52224aaf4f61ca80
46389b3abd1c6df598fe1c191687b87f355facf00dde6cd1238ac76d40f12ec2
4736672260ab0cf94ad37de85f33a0c5aeb75d70320fc6480956680a1ef41f31
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4b43924b55481613b8536446f4fe4ad13b80a63f265ba25830614555b08d68fc
4cc129753e9332b6d5ab89f087b1b26527efd4651cd874df5532b82a39e86a66
4d56d907e773c9e86756412e940b205a4deb60af81fec27e264df00c0ae622a3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a32cd3aa02ede12a27bff30307abee7970cbc2f0e3410ef14176d09a1db15e
58b21b86b642c10803f18145aa48372dff97f81abb8645163243d46b7428ea60
5c7a0c215308b831d0aeea7339689d8af4a590af846fbaec4c792fd35c705874
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5e877b6b3f5dfe34a9c0bb54944524ccece23ad9d67edd62f2d1c85ab50bed7f
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d
6657a7d3ac4506ce3b0ca9234df4f63b6bff8e94e92f21f9d77921b166fc6925
66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c
66d8a33085658d15722a6b942de4a1383a87e726f662ee4f89b39c965fe6c1ea
685454498ab464c992327759a925959c1360d694f00f18f7fc951c7abd63c0a9
6f8be776bb6f0eecc7b93adfb31fa4d8315fd0e330f7200096e95d2f0c03fc5b
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
748364f1f50cac3f0ec54988c550350e3e7459ce1989bb86de58475b748f9040
7514e870eafdd8e44f2d4e0a190114fa83790944b44a8d85bf603ffab48e9283
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
805ea03019f04291bba99ec8b18ba48260852c5fed12cea82cdfe0b1b0207780
823251540b87240b75d46e9be27c4fa867a4fa24d01dacfe6bad69a4cd5ae29a
889087766998e260a22f5c5ccbc7f2e03b168c780bcd7a922b66581241a3ecad
89966b7626c91cec9320b8ce54ae79db5de05e602b578475fd748e0ea042c35d
8a927ea944e16b3fe05b38b1e673051d3b5ca6fe818f2048e3c3422f68d61833
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
9730fbde9ce805bcadb096de2dd86e0205dd5a87b3ab6b0433e65873d63d428c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f0a67600a8b8939e9b77975ed81760e162bbb2a8b31d1e2ccd43390c64567ce
9fba99f255539c52e3dafa574733742a3968f210ce2789907dd65838e9e5887f
a07391047ad1b4246cd972dd8ed09af7ce251a9adfd8c3a61c2e11e3101c2aca
a103c9f033863dc4bfd397f87a47fc652b7d6c8fb3278e2bdb0f30c963601d99
a13b786dd108e561a82b2c69d252ac46d5fe9fcdd31de53cf9fc183d8bbc7cf4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4be90615fe21072f732aab53daa3e03dc9a989b7fbd74a3aeeb1327dd76d3b2
a58091f89f887419568e3fb01d7af0345757db9c225040f1493a4238ad161b0e
a69d282071d6718929c2115e5220aeb7537c3affe7a04ee35ae814eac245574c
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
af4432353a110afc8d2d6a81d80f613ef4aee927b1297e990acca4f70b955434
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c16ce1c562a94558b9ef3c5047912c52b7d7864ba3198d39fafb8eaf87ccfa56
c3708ffb52b47f8fcf44e26a22fc4117d70325d9e13c6cd4f3e58f5e67ab3d4e
c548414c9aab7329f3961c7cedabcb8d4800ef747ace3257f3279872ad0e8e94
c6d209ce80af1a13e14a1d75f7311497df5f97de026bfa12295186dffdfdb1f5
c92173bfde67e6a8144677d0f11312d465b39f1c82f12d35551f36446977d496
cc367862322fcaaac7ba198ca029a3bd4d03b03205fe96b3555d7902799ffa97
dc57a413d6bfd7f70b10453e990af4389e9e6f08c2b58aa30097d855e6260f52
e00330427c51aa6054ec3c96952fedc0afb22033164411791fbbe67c2ecf5838
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e205bae06d3af5dc576a991893b789e0af2e8044291e9c3c99014199b74336a8
e2b67b020b7a158710aff20f39cec035625e8b1e33836c2e06e3875cae6d3bd2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2
eaea51174ff3e7fd1f3491dac0f8d87002bf1acfb3e6ff7b7c6d67632118b84b
ed1fbe4800e97ebd652fd31fa81abd059e689c1716c56afc1c8dac008a38ac79
ed2ef532c98097bb3f2b91e51bf2dbbd7378c17949f180a9753075598ad9414b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f3f68c7830fc572473df47f5ef1f149be2141822299a6a7c316cf51460e90449
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f60549b6d7b0a2d27115b9a3145eca52e24f51a6a01d992132288edc90d8c55e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7534a3e962da708c7b8a3b5f122669e4688a1c17f86e9fdb1b2684edca4f351
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fe30d65ddb77b6501f219a748767783a0bfdfecf047f02d19b0c8cd3496ab5e8
fe43ab0de4de4d73c8e8f0dec4bbfae2b29c1f634cdb83df61c41db94468670a

ngconsulate.info Open in urlscan Pro 103.72.77.63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

191 Requests

88 %HTTPS

46 %IPv6

33 Domains

42 Subdomains

27 IPs

7 Countries

3111 kBTransfer

6771 kBSize

38 Cookies

1 Outgoing links

Page URL History

Redirected requests

191 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ngconsulate.info Open in urlscan Pro
103.72.77.63 Public Scan

Screenshot
Live screenshot

Full Image

191
Requests

88 %
HTTPS

46 %
IPv6

33
Domains

42
Subdomains

27
IPs

7
Countries

3111 kB
Transfer

6771 kB
Size

38
Cookies

191 HTTP transactions
7 data transactions