qa.bb7r.com Open in urlscan Pro
2606:4700:3032::ac43:a3d5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.dogapartswp.sw6.llocweb.info/
Effective URL:
https://qa.bb7r.com/4/profit-from-affiliate-marketing-earn-money-from-home
Submission: On October 18 via api (October 18th 2022, 3:12:05 am UTC) from DE — Scanned from FR

Summary HTTP 96 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 14 domains to perform 96 HTTP transactions. The main IP is 2606:4700:3032::ac43:a3d5, located in United States and belongs to CLOUDFLARENET, US. The main domain is qa.bb7r.com.
TLS certificate: Issued by E1 on September 27th 2022. Valid for: 3 months.

This is the only time qa.bb7r.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	137.74.39.136 137.74.39.136	16276 (OVH) (OVH)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
10	2606:4700:303... 2606:4700:3032::ac43:a3d5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4001:c02::78	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	108.177.15.154 108.177.15.154	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4007:4::c	15169 (GOOGLE) (GOOGLE)
96	19

2 137.74.39.136 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: sw6.llocweb.info

www.dogapartswp.sw6.llocweb.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ois.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3032::ac43:a3d5 (United States)

ASN13335 (CLOUDFLARENET, US)

qa.bb7r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4001:c02::78 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.177.15.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4007:4::c (Ireland)

ASN15169 (GOOGLE, US)

r6---sn-25glen7e.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	391 KB
17	google.com www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2267 adservice.google.com — Cisco Umbrella Rank: 78	52 KB
10	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	105 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 bid.g.doubleclick.net — Cisco Umbrella Rank: 444	113 KB
10	bb7r.com qa.bb7r.com	81 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 imasdk.googleapis.com — Cisco Umbrella Rank: 435	257 KB
6	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 933 r6---sn-25glen7e.c.2mdn.net	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	llocweb.info 2 redirects www.dogapartswp.sw6.llocweb.info	302 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	47 KB
1	google.fr adservice.google.fr — Cisco Umbrella Rank: 30859	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	694 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	43 KB
1	ois.is ois.is — Cisco Umbrella Rank: 348968	744 B
96	14

	Domain	Requested by
16	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
15	pagead2.googlesyndication.com	qa.bb7r.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
10	qa.bb7r.com	www.google.com qa.bb7r.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	r6---sn-25glen7e.c.2mdn.net	googleads.g.doubleclick.net qa.bb7r.com
4	csi.gstatic.com	imasdk.googleapis.com
4	imasdk.googleapis.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	gcdn.2mdn.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.com	ois.is tpc.googlesyndication.com
2	www.dogapartswp.sw6.llocweb.info	2 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.fr	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	qa.bb7r.com
1	ois.is
96	22

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
*.ois.is E1	`2022-08-31` - `2022-11-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.bb7r.com E1	`2022-09-27` - `2022-12-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-09-27` - `2022-12-06`	2 months	crt.sh

This page contains 11 frames:

Primary Page: https://qa.bb7r.com/4/profit-from-affiliate-marketing-earn-money-from-home
Frame ID: 7361138AA31B4D59F21A6DFB67DFF09C
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html
Frame ID: C4BE13B308EA2B085D97D9848D6838C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&adk=1812271804&adf=3025194257&lmt=1666062719&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=4&bdt=233&idt=177&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2153693303794&frm=20&pv=2&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=418
Frame ID: 8BE07E42F7DA6A8DA9C94ECDF32DBB8F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=1751201938&adf=2334688461&pi=t.ma~as.4895294644&w=748&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=748x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=2&bdt=233&idt=227&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XpE5rgpCCy&p=https%3A//qa.bb7r.com&dtd=435
Frame ID: 2B7D9D2305EBACA9EDDD34548F38EBC4
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=3871522323&adf=2234457717&pi=t.ma~as.4895294644&w=708&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=708x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=1&bdt=233&idt=228&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QAa56s5WAh&p=https%3A//qa.bb7r.com&dtd=440
Frame ID: 1E9ED9CBBEF3925C2375ECDE3757E5E9
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=1134426763&adf=3132389021&pi=t.ma~as.4895294644&w=1004&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=1004x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=1&bdt=233&idt=229&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280%2C708x280&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=RBLwJMuogA&p=https%3A//qa.bb7r.com&dtd=444
Frame ID: 677A33CDDCC5169D8A3CB36EDF2E1281
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Frame ID: FF4EBCA2C6695A0043F31AB7735307D2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: EA19D5722F3EA0B272E58E5D4A2D947C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 5398848D673ABB3879BB2D37907A2410
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 39408C1152479047D2FBFB49821BBD4C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9E41296C920EEBA15BA2C51D31956758
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Profit from affiliate marketing earn money from home - Sea Of Information

Page URL History Show full URLs

http://www.dogapartswp.sw6.llocweb.info/ HTTP 301
https://www.dogapartswp.sw6.llocweb.info/ HTTP 302
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwi1urGohef6AhXQwoUKHXTzBoE... Page URL
https://qa.bb7r.com/4/profit-from-affiliate-marketing-earn-money-from-home Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

96
Requests

98 %
HTTPS

90 %
IPv6

14
Domains

22
Subdomains

19
IPs

4
Countries

1110 kB
Transfer

3275 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.dogapartswp.sw6.llocweb.info/ HTTP 301
https://www.dogapartswp.sw6.llocweb.info/ HTTP 302
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwi1urGohef6AhXQwoUKHXTzBoE4ChAWegQICBAB&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&usg=AOvVaw3mxySAiaLJAWRyEJzu7RFt Page URL
https://qa.bb7r.com/4/profit-from-affiliate-marketing-earn-money-from-home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.dogapartswp.sw6.llocweb.info/ HTTP 301
https://www.dogapartswp.sw6.llocweb.info/ HTTP 302
https://ois.is/images/logo.png

Request Chain 66

https://gcdn.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697598720/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/3A7A2DF4BDE6A4CACEC821CA6F947EC8D6599F27.305F43052344ED7E2AE30DDC135143D2877A0472/key/ck2/file/file.mp4 HTTP 302
https://r6---sn-25glen7e.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697598720/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/499F37681B2B19AF6B6869A16D595E69F39CB256.1074CEF1B1668CEAA7A04E83A5BC529234EEE56A/key/cms1/cms_redirect/yes/mh/7S/mip/2001:41d0:d:364d::3/mm/42/mn/sn-25glen7e/ms/onc/mt/1666062457/mv/u/mvi/6/pl/46/file/file.mp4

Request Chain 68

https://gcdn.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697598720/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/76C4715C4F58E1105723F78F9C82D681E8851E78.352216DFE4BEF6BA4B1DFABA4CB3F779FA05D9F2/key/ck2/file/file.mp4 HTTP 302
https://r6---sn-25glen7e.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697598720/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/52A39A4D1AF7D7D645B13473DBC9DD5796D05C9F.2BB5A8CC9B315DA0FDEB063147FFD99208C8909C/key/cms1/cms_redirect/yes/mh/7S/mip/2001:41d0:d:364d::3/mm/42/mn/sn-25glen7e/ms/onc/mt/1666062457/mv/u/mvi/6/pl/46/file/file.mp4

96 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

logo.png
ois.is/images/
Redirect Chain

http://www.dogapartswp.sw6.llocweb.info/
https://www.dogapartswp.sw6.llocweb.info/
https://ois.is/images/logo.png

553 B
744 B

104ms
45ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ois.is/images/logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75be16f91861d21d-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 03:11:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSQAkc4%2BaNohiw3Nrcz69j4L0PTp4PlLYpN%2BjQCBd07qzXqj8%2F0nxtJEoQ1oQKfaO1adj8C3NMLs5XVFe36ww%2FkZl%2F%2BCy37MKEKsdF3KAGFdxBgm4Ulu7TlrOC4Jb0oPjF00wOI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 03:11:58 GMT
location: https://ois.is/images/logo.png
server: nginx/1.14.2

GET
H2 200 url
www.google.com/ 1020 B
1 KB 112ms
51ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwi1urGohef6AhXQwoUKHXTzBoE4ChAWegQICBAB&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&usg=AOvVaw3mxySAiaLJAWRyEJzu7RFt

Requested by

Host: ois.is
URL: https://ois.is/images/logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://ois.is/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 493
content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 03:11:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2 200 Primary Request profit-from-affiliate-marketing-earn-money-from-home Show response
qa.bb7r.com/4/ 28 KB
8 KB 255ms
201ms Document
text/html 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.bb7r.com/4/profit-from-affiliate-marketing-earn-money-from-home
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwi1urGohef6AhXQwoUKHXTzBoE4ChAWegQICBAB&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&usg=AOvVaw3mxySAiaLJAWRyEJzu7RFt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5728dca378881f49496bbe26c964c6628bcd54d49dbb0560bc2a54c1a81b7b5e

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75be16fabc39d642-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 18 Oct 2022 03:11:59 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVtfgGfAwhVTbHBwLrQd24hzVtTMN21HJ5OHAEAReqWNlbv1H4SkS%2FXidJ1x%2Bo8BGmjyo92dd6prI1EOYV1oTs3j7spd5C04hJerlkVzb3eGzPurIYwSs3BlLCJVPZlry6jcKcbhUrDQ6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 qa-styles.css
qa.bb7r.com/qa-theme/SnowFlat/ 70 KB
13 KB 31ms
29ms Stylesheet
text/css 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.bb7r.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by: Host: qa.bb7r.com
URL: https://qa.bb7r.com/4/profit-from-affiliate-marketing-earn-money-from-home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/4/profit-from-affiliate-marketing-earn-money-from-home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:11:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Apr 2021 18:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6282
etag: W/"520766-1169a-5c06bb407d880"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsYPrMbulyAytAKrmn%2BCzcP0p2zjdMSeoJgD%2B74pPMSW5ZXlEq%2FSxVvrmZbvt5IN%2Bpo77N8aVk2M5qfVvOlH9CIpaltlEjsfzNYRcNbbvKnLJzj0cIpGW0xuMMuld9dftTDmvOrw%2B8eSXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 75be16fc0d04d642-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.5.1.min.js Show response
qa.bb7r.com/qa-content/ 87 KB
31 KB 31ms
30ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.bb7r.com/qa-content/jquery-3.5.1.min.js
Requested by: Host: qa.bb7r.com
URL: https://qa.bb7r.com/4/profit-from-affiliate-marketing-earn-money-from-home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/4/profit-from-affiliate-marketing-earn-money-from-home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:11:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Apr 2021 18:34:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6282
etag: W/"52041f-15d86-5c06bb3e95400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEBh6ExBTmbPaNXabZImLNYTOWfXE1e0XtPxNg6T5nmWUbA%2B0QDr3KulraB3bcJ%2BQJONqgNYJTLKhch4WB3Pz0IMrTELR2t0d4LV%2F4vDtWIL1zGKudJg%2Fjry0trEc%2F3Jc6UcqdJGSlM13g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75be16fc0d05d642-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 qa-global.js Show response
qa.bb7r.com/qa-content/ 20 KB
5 KB 28ms
27ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.bb7r.com/qa-content/qa-global.js?1.8.6
Requested by: Host: qa.bb7r.com
URL: https://qa.bb7r.com/4/profit-from-affiliate-marketing-earn-money-from-home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/4/profit-from-affiliate-marketing-earn-money-from-home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:11:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Apr 2021 18:34:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6282
etag: W/"520422-5046-5c06bb3e95400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMI6kgP%2BXaK0Xs2d08PveGet4uOpfCnNbTNN65D2fuiLdnYufdG%2FrWUT%2FmFXV%2BH8xNsUiTEb4LnzXs3dTDgnEtRnYNh6rcuLOIaevWboWhT9dkv9rEinYgkhzSWacuuRQosz64UE8MxNRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75be16fc0d06d642-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 snow-core.js Show response
qa.bb7r.com/qa-theme/SnowFlat/js/ 2 KB
1 KB 26ms
26ms Script
application/javascript 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.bb7r.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by: Host: qa.bb7r.com
URL: https://qa.bb7r.com/4/profit-from-affiliate-marketing-earn-money-from-home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/4/profit-from-affiliate-marketing-earn-money-from-home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:11:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Apr 2021 18:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6282
etag: W/"520763-94f-5c06bb407d880"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0RkojhmCq%2FCHqanONDCZ2wAwmnrEQgdtptnlQyzAYcV9lIwf5h0cOXHFiCUmfM7YxsaUvJk4HkfDesYKGUJhhZ9di0PMziVuWtvsCZsYqqrYFdm576DhO6wbELpqCE4sch49OrWPhl9kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75be16fc0d07d642-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
43 KB 99ms
39ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-237003713-1

Requested by

Host: qa.bb7r.com
URL: https://qa.bb7r.com/4/profit-from-affiliate-marketing-earn-money-from-home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a74e667a87bb7f6ea1d4dd0abc38a6be5e5f32e1f09f54a337df1e8d09e951cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:11:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43127
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 18 Oct 2022 03:11:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 126ms
50ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3003222699823545

Requested by

Host: qa.bb7r.com
URL: https://qa.bb7r.com/4/profit-from-affiliate-marketing-earn-money-from-home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7f158ad288a49b38315d1a4919ccc74903dcd98634e771f003dd00b5230bbb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.bb7r.com/
Origin: https://qa.bb7r.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55140
x-xss-protection: 0
server: cafe
etag: 17508967167176893519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 03:11:59 GMT

GET
H3 200 vote-buttons-3.png
qa.bb7r.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 26ms
25ms Image
image/png 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.bb7r.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by: Host: qa.bb7r.com
URL: https://qa.bb7r.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:11:59 GMT
cf-cache-status: HIT
last-modified: Fri, 31 Jul 2020 19:22:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6632
etag: "520760-5b1-5abc1b4911c80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUt4FkIJXJD78KHECAtb1ihzDEhDQ%2FF6fykmwJA0Rlppg%2Fho%2BxklAJ1Rcof1pmQaOJUAUHGC2qtf0YtUlzbgQc3xCbdyuU%2BWR5xuDfGxH298pSNQUdJ65v389Jqy4nP5MfCum%2BaIZLD7tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75be16fc5baad3dc-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1457

GET
H3 200 fontello.woff
qa.bb7r.com/qa-theme/SnowFlat/fonts/ 7 KB
8 KB 27ms
25ms Font
font/woff 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.bb7r.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: qa.bb7r.com
URL: https://qa.bb7r.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://qa.bb7r.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin: https://qa.bb7r.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:11:59 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2016 22:01:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6632
etag: "520720-1c20-5387ceedb4180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qoJ7GIMaypl8Ro1At9gelqdoG5QD2ZnjzCpBSQ4UdAloqfjnSt9b2hvVjgKihcaRmD%2BsHUkAV9KKU8ooPSlRoxhnQgGuzut61qY9fUbbF5aR79ybE%2FO1YuDcokbCRh2aE714L3duX7Ojvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75be16fc5babd3dc-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7200

GET
H3 200 answer-white.png
qa.bb7r.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 45ms
45ms Image
image/png 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.bb7r.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by: Host: qa.bb7r.com
URL: https://qa.bb7r.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:11:59 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Jan 2019 18:38:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6632
etag: "520731-b33-57f6f598c0800"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BRMOGpNiZeVE4w4jRw7jcTdhj3AV32McZKMTHvv%2B4gtz%2Br8TovtYPe3vP0heyHiMvcA2Vr6QMfhfoGQml6%2Bhn6gs%2F0MQlA9T3j0jm3w1V3Pi1PB%2BkXoJwxknN10ALGik4ilxwxiA8%2B4QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75be16fc7bb5d3dc-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2867

GET
H3 200 search-icon-white.png
qa.bb7r.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 25ms
25ms Image
image/png 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.bb7r.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by: Host: qa.bb7r.com
URL: https://qa.bb7r.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:11:59 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Jan 2019 18:38:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6632
etag: "52075a-584-57f6f598c0800"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vwfqS6xEO0dT%2BDhqPydZxDao7frWJcgg%2B1kAVBeRZaxmsglTWGQhhS4cRpjJZKr2rvJKU59IvTOOVcejLfkb6YANR3yC7r6i7HPqzdBPVnBsRyU5ddH5BUFZnxtzc69OOXYMK32QQLVMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75be16fc7bb6d3dc-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1412

GET
H3 200 spinner-icon-14x14.gif
qa.bb7r.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 60ms
59ms Image
image/gif 2606:4700:3032::ac43:a3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.bb7r.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: qa.bb7r.com
URL: https://qa.bb7r.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:11:59 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Jan 2019 18:38:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6632
etag: "52075c-1e65-57f6f598c0800"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eslkLRbKXNjw5SH%2FDPT9eikJarqKAbPkDgc2qyCjpLov618BjVCyHTtPl5ThgtzX0RzK%2BnrQnNX4TW2xEnC3jk0Nt%2FawfBYWShHBVTSbogkcdw%2F0Nt6I4UY7dqA%2FT%2FtmQ0U5nL9qU8N09A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75be16fc7bb7d3dc-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7781

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 86ms
25ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-237003713-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 01:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6962
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 18 Oct 2022 03:15:57 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ 353 KB
116 KB 113ms
60ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3003222699823545&plah=qa.bb7r.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3003222699823545

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2655b65e531916827d0004aac51b75ef6fbc58d449cf38f5d5abbdae81c85cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118805
x-xss-protection: 0
server: cafe
etag: 17202862546577844164
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 03:11:59 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/ Frame C4BE 10 KB
5 KB 85ms
25ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3003222699823545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.bb7r.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 28767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:12:32 GMT
etag: 9671129459699598864
expires: Mon, 31 Oct 2022 19:12:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 85ms
33ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=59906283&t=pageview&_s=1&dl=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Profit%20from%20affiliate%20marketing%20earn%20money%20from%20home%20-%20Sea%20Of%20%E2%80%8B%E2%80%8BInformation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1107264617&gjid=1279724572&cid=44883776.1666062720&tid=UA-237003713-1&_gid=1955107583.1666062720&_r=1&gtm=2ouah0&z=59952244

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://qa.bb7r.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 03:11:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qa.bb7r.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-3003222699823545 Show response
fundingchoicesmessages.google.com/i/ 106 KB
37 KB 117ms
58ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3003222699823545?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3003222699823545&plah=qa.bb7r.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d6efb3dcf54d3399515fb5ca3f2263fb102658a227e0c96ee2355e89e3b0e519

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-8yLjZGP9jiUXTTm7MYiY4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:11:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-8yLjZGP9jiUXTTm7MYiY4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
694 B 95ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=qa.bb7r.com&callback=_gfp_s_&client=ca-pub-3003222699823545&gpid_exp=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8afaeffe865370fff3000bd9abb4ad1b8e35f6d30ded8b2b10be8c8fcb514f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 131ms
35ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=qa.bb7r.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 111ms
35ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qa.bb7r.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8BE0 2 KB
508 B 133ms
79ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&adk=1812271804&adf=3025194257&lmt=1666062719&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=4&bdt=233&idt=177&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2153693303794&frm=20&pv=2&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=418

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28737ba41fcd0921937fc9152d353b400a8a49bf235a313523366feea7c2a727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.bb7r.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 485
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 03:12:00 GMT
expires: Tue, 18 Oct 2022 03:12:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2B7D 93 KB
32 KB 520ms
480ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=1751201938&adf=2334688461&pi=t.ma~as.4895294644&w=748&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=748x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=2&bdt=233&idt=227&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XpE5rgpCCy&p=https%3A//qa.bb7r.com&dtd=435

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ac9c91f5298581c60b64c871eee52ce3b8b039d708cb95cd92efa60d179f0a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.bb7r.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32254
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 03:12:00 GMT
expires: Tue, 18 Oct 2022 03:12:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1E9E 68 KB
22 KB 422ms
386ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=3871522323&adf=2234457717&pi=t.ma~as.4895294644&w=708&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=708x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=1&bdt=233&idt=228&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QAa56s5WAh&p=https%3A//qa.bb7r.com&dtd=440

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b355cb35fc524475c5ebdc2d038fdcaaf9d37188f354a9812ea9fbafd25bb11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.bb7r.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 22135
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 03:12:00 GMT
expires: Tue, 18 Oct 2022 03:12:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 677A 68 KB
22 KB 401ms
369ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=1134426763&adf=3132389021&pi=t.ma~as.4895294644&w=1004&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=1004x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=1&bdt=233&idt=229&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280%2C708x280&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=RBLwJMuogA&p=https%3A//qa.bb7r.com&dtd=444

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a999960ed5d7b4851dad9df6da38a25acbeadeef0d41fc42d63c291408aad8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.bb7r.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 22168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 03:12:00 GMT
expires: Tue, 18 Oct 2022 03:12:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxW963OHa8XTWLJ4pPyizyFkSBviPwjz-7CD-xG16ACJaG_p7PbDsN4uWr0yycezcSSmKIGJwB3JKB9SiIG01-o= Show response
fundingchoicesmessages.google.com/f/ 6 KB
3 KB 112ms
59ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW963OHa8XTWLJ4pPyizyFkSBviPwjz-7CD-xG16ACJaG_p7PbDsN4uWr0yycezcSSmKIGJwB3JKB9SiIG01-o=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY2MDYyNzIwLDM2MDAwMDAwXSwiNkRDNUZBOTEtNTg2OS00ODMyLUFBNDktMjhDQTY4RjVCNDMzIixudWxsLG51bGwsW251bGwsWzddLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCx0cnVlLHRydWVdLCJodHRwczovL3FhLmJiN3IuY29tLzQvcHJvZml0LWZyb20tYWZmaWxpYXRlLW1hcmtldGluZy1lYXJuLW1vbmV5LWZyb20taG9tZSIsbnVsbCxbWzgsIjdWdmZKMVdVZ19VIl0sWzksImZyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr.7VvfJ1WUg_U.es5.O/d=1/rs=AJlcJMy77ggu6N9zBoDiH0QafllMuHyxbA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3a8b2d8c533ead97cf77ea40cc1e200ae189faf2ae800a2bb51fe87fd69460c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5OtMxO91WdQ_QgsWl8wwnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:12:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5OtMxO91WdQ_QgsWl8wwnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXNb1t_uLsMBu3gbbMPUZmpSUgivxEPLQ_4DPd2StJWLzqoF36y0i3e9s1yNzt9oNy_fZXnQYgxMHUylMQq_HSRyMqOGx92EAPVpPeqX3MrBsLD5g338wbQPZTFmNyN5OSicUEK8w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 105ms
51ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXNb1t_uLsMBu3gbbMPUZmpSUgivxEPLQ_4DPd2StJWLzqoF36y0i3e9s1yNzt9oNy_fZXnQYgxMHUylMQq_HSRyMqOGx92EAPVpPeqX3MrBsLD5g338wbQPZTFmNyN5OSicUEK8w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fXZJz0lZMKWTf47jPiuswg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://qa.bb7r.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Oct 2022 03:12:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-fXZJz0lZMKWTf47jPiuswg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://qa.bb7r.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW7M9kKq4DD5VQG4nH71KoE3NiYeG816SdhFfaLustF8V6fQiO4D4CkAdYrj2KVjOZJ664nTBo6dZNqpBdf9wFAoza6QJmcotlbknMeaXJ23bvWqZmKWA3GflqSiIFzBPJMLQfBPg== Show response
fundingchoicesmessages.google.com/f/ 17 KB
7 KB 78ms
77ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW7M9kKq4DD5VQG4nH71KoE3NiYeG816SdhFfaLustF8V6fQiO4D4CkAdYrj2KVjOZJ664nTBo6dZNqpBdf9wFAoza6QJmcotlbknMeaXJ23bvWqZmKWA3GflqSiIFzBPJMLQfBPg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY2MDYyNzIwLDE2MTAwMDAwMF0sIjZEQzVGQTkxLTU4NjktNDgzMi1BQTQ5LTI4Q0E2OEY1QjQzMyIsbnVsbCxudWxsLFtudWxsLFs3LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMSwxXSwiaHR0cHM6Ly9xYS5iYjdyLmNvbS80L3Byb2ZpdC1mcm9tLWFmZmlsaWF0ZS1tYXJrZXRpbmctZWFybi1tb25leS1mcm9tLWhvbWUiLG51bGwsW1s4LCI3VnZmSjFXVWdfVSJdLFs5LCJmciJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b8fdfbdc998d7064a0257d32d2130dd5b364b4a6ad5d1e3eae3e4c195a9e63c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XOf6qmaUjYfu-wrrxYJpVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:12:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-XOf6qmaUjYfu-wrrxYJpVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/ Frame 677A 23 KB
10 KB 92ms
25ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=1134426763&adf=3132389021&pi=t.ma~as.4895294644&w=1004&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=1004x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=1&bdt=233&idt=229&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280%2C708x280&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=RBLwJMuogA&p=https%3A//qa.bb7r.com&dtd=444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:44:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 677A 8 KB
789 B 97ms
37ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 03:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 02:37:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 03:12:00 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame 677A 14 KB
3 KB 100ms
25ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 13:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 10:40:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 13:23:35 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame 677A 359 KB
124 KB 135ms
61ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 13:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127092
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 10:40:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 13:23:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 677A 17 KB
7 KB 95ms
29ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:49:08 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/ Frame 1E9E 23 KB
9 KB 101ms
52ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=3871522323&adf=2234457717&pi=t.ma~as.4895294644&w=708&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=708x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=1&bdt=233&idt=228&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QAa56s5WAh&p=https%3A//qa.bb7r.com&dtd=440

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:44:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1E9E 8 KB
1 KB 79ms
36ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=3871522323&adf=2234457717&pi=t.ma~as.4895294644&w=708&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=708x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=1&bdt=233&idt=228&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QAa56s5WAh&p=https%3A//qa.bb7r.com&dtd=440

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 03:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 01:53:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 03:12:00 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame 1E9E 14 KB
3 KB 84ms
26ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=3871522323&adf=2234457717&pi=t.ma~as.4895294644&w=708&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=708x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=1&bdt=233&idt=228&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QAa56s5WAh&p=https%3A//qa.bb7r.com&dtd=440

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 13:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 10:40:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 13:23:35 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame 1E9E 359 KB
124 KB 87ms
30ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=3871522323&adf=2234457717&pi=t.ma~as.4895294644&w=708&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=708x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=1&bdt=233&idt=228&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QAa56s5WAh&p=https%3A//qa.bb7r.com&dtd=440

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 13:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127092
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 10:40:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 13:23:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 1E9E 17 KB
7 KB 79ms
33ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=3871522323&adf=2234457717&pi=t.ma~as.4895294644&w=708&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=708x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=1&bdt=233&idt=228&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QAa56s5WAh&p=https%3A//qa.bb7r.com&dtd=440

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:49:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2B7D 8 KB
895 B 88ms
35ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=1751201938&adf=2334688461&pi=t.ma~as.4895294644&w=748&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=748x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=2&bdt=233&idt=227&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XpE5rgpCCy&p=https%3A//qa.bb7r.com&dtd=435

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 03:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 02:23:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 03:12:00 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 2B7D 2 KB
902 B 102ms
45ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=1751201938&adf=2334688461&pi=t.ma~as.4895294644&w=748&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=748x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=2&bdt=233&idt=227&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XpE5rgpCCy&p=https%3A//qa.bb7r.com&dtd=435

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:52:11 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/ Frame 2B7D 23 KB
9 KB 88ms
31ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=1751201938&adf=2334688461&pi=t.ma~as.4895294644&w=748&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=748x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=2&bdt=233&idt=227&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XpE5rgpCCy&p=https%3A//qa.bb7r.com&dtd=435

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:44:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 2B7D 3 KB
1 KB 95ms
44ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=1751201938&adf=2334688461&pi=t.ma~as.4895294644&w=748&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=748x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=2&bdt=233&idt=227&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XpE5rgpCCy&p=https%3A//qa.bb7r.com&dtd=435

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:49:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 2B7D 17 KB
7 KB 82ms
26ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=1751201938&adf=2334688461&pi=t.ma~as.4895294644&w=748&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=748x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=2&bdt=233&idt=227&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XpE5rgpCCy&p=https%3A//qa.bb7r.com&dtd=435

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:49:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2B7D 152 KB
47 KB 102ms
36ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=1751201938&adf=2334688461&pi=t.ma~as.4895294644&w=748&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=748x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=2&bdt=233&idt=227&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XpE5rgpCCy&p=https%3A//qa.bb7r.com&dtd=435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 03:12:00 GMT

GET
H2 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 2B7D 33 KB
14 KB 87ms
25ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=1751201938&adf=2334688461&pi=t.ma~as.4895294644&w=748&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=748x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=2&bdt=233&idt=227&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XpE5rgpCCy&p=https%3A//qa.bb7r.com&dtd=435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:48:28 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2B7D 0
0 74ms
74ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9b7sgBlOY5LKBcmU-gaqzYPwAqTRpftszcOlyKkQ47jq4Y4OEAEgluDmTWD7AaABmqrH9gHIAQmoAwHIA8sEqgSIAk_QeNkKvNMrJEcn5VN33c3JBaMmzB_if1ASq6sYA40jAvksTF-A8dy8nMB7ECKfbuLVhiESHgRRVoFzt9KDyPaTFMZz0lwciIZV9VhGdOhS9YAAdam1SdrAZKQb0E3hbeivkMCw_io5NGK60xQxWwUgQTy8WTzO9hc1bcwEggrw8DNYmMKxtd8WkC8KUtxNeZxCpJ5U8AHCBdbb6gBB0Br-56haPHvSf222D16YOAs-mF1NfIfr7p4LnfHmXE9Lstghp-kGaKcRSHnUQEqQ8QULQWnTRJpibr9Rd17ejpfxlKsWmvsF6nFbdhjSP6a-HXfd3OeYxhZ6MRwIpSvCxIEO9WefU1WV7sAErbO5jYEEkgUECAQYAZIFBAgFGASgBi6AB-O9r_oCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQkDXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUBNAVAYAXAbIXHAoaCAASFHB1Yi0zMDAzMjIyNjk5ODIzNTQ1GAA&sigh=MyCKOa9ldMg&uach_m=[UACH]&cid=CAQSGwDq26N9sZrk-dr2h58iN2COrwoaos3umtzrzxgBIA4&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=1751201938&adf=2334688461&pi=t.ma~as.4895294644&w=748&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=748x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=2&bdt=233&idt=227&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XpE5rgpCCy&p=https%3A//qa.bb7r.com&dtd=435

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=1751201938&adf=2334688461&pi=t.ma~as.4895294644&w=748&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=748x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=2&bdt=233&idt=227&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XpE5rgpCCy&p=https%3A//qa.bb7r.com&dtd=435
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 03:12:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Oct 2022 03:12:00 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8387261180213011310/ Frame 2B7D 12 KB
12 KB 82ms
36ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8387261180213011310/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=1751201938&adf=2334688461&pi=t.ma~as.4895294644&w=748&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=748x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=2&bdt=233&idt=227&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XpE5rgpCCy&p=https%3A//qa.bb7r.com&dtd=435

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9321e9fa8672118c32e35c524e31ad075830d3d772985595a567d1c96ee8eb5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 23:17:40 GMT
x-content-type-options: nosniff
age: 100460
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12188
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 13:08:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 16 Oct 2023 23:17:40 GMT

GET
DATA 200
OK truncated
/ Frame 2B7D 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2B7D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame 1E9E 0
327 B 401ms
120ms Ping
image/gif 2607:f8b0:4001:c02::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l9dmq6q2&c=4899747083691&slotId=2449873541845.5&qqid=CJav66Tn6PoCFTPREQgdgSECvg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c02::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 03:12:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1E9E 15 KB
16 KB 89ms
26ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 37628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1E9E 15 KB
15 KB 91ms
32ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 13:27:29 GMT
x-content-type-options: nosniff
age: 308671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 13:27:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E9E 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CvcZsgBlOY5bvBbOix_APgcOI8Avvwv__bObbuYjJEOLFuaW_NRABIJbg5k1g-wHIAQWoAwHIA5sEqgTuAU_QzIfK5qsuBFcIJ69ogF383-Ajin4gLfr2ji9zS8TTHafHyvxkse_vmyKvn5XFrjysO8CCq6GR3yxct9h3yT1DSXbicSIrb24GmpGBuPmsqezaggvV7nEoG3dZGW2c6-b6RKpCwYcPlqWZ24Fs25mCCjzUWE1qYooj-Qt7ubzfCron0sNvsKKAQdV_tuCxRP7sJ3k8AzEVYY6GOuAmrh9-BEq9y8JtakSEDfxbBwsyBvysiMKafCFwz4knxYtiHLpFTgGk82f8os52g8_xyU8EzkZ8NrzdfA-rue1MZrXaBfm7a9BQAXzym96mEM3ABPCf7KGmBOAEA5AGAaAGdoAH6b6FyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE8Tf7RDIE8SVnOED0BMA2BMKiBQE2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1666062720675&ai=CvcZsgBlOY5bvBbOix_APgcOI8Avvwv__bObbuYjJEOLFuaW_NRABIJbg5k1g-wHIAQWoAwHIA5sEqgTuAU_QzIfK5qsuBFcIJ69ogF383-Ajin4gLfr2ji9zS8TTHafHyvxkse_vmyKvn5XFrjysO8CCq6GR3yxct9h3yT1DSXbicSIrb24GmpGBuPmsqezaggvV7nEoG3dZGW2c6-b6RKpCwYcPlqWZ24Fs25mCCjzUWE1qYooj-Qt7ubzfCron0sNvsKKAQdV_tuCxRP7sJ3k8AzEVYY6GOuAmrh9-BEq9y8JtakSEDfxbBwsyBvysiMKafCFwz4knxYtiHLpFTgGk82f8os52g8_xyU8EzkZ8NrzdfA-rue1MZrXaBfm7a9BQAXzym96mEM3ABPCf7KGmBOAEA5AGAaAGdoAH6b6FyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE8Tf7RDIE8SVnOED0BMA2BMKiBQE2BQB0BUB-BYBgBcB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=3871522323&adf=2234457717&pi=t.ma~as.4895294644&w=708&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=708x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=1&bdt=233&idt=228&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QAa56s5WAh&p=https%3A//qa.bb7r.com&dtd=440

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 03:12:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 1E9E 29 KB
16 KB 110ms
62ms XHR
text/xml 108.177.15.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CzKAfdSurVxAAXV6bZHLcr7dpIpH9eqz3va-tEcXiPtbCostI7S2mxyJJ1vrFNYMmac5_dzvHyGfXp23d_SQstdudcEg&cry=1&dbm_d=AKAmf-BqJCvfqUs1otUoU_XAgNdtmrblaFjkoL23TWgn5W1l9-Z0_vyJlDVM3s3Jum2A3XAt5i-q_S61hzCOd3ghOsURyMiArKNHeYtuDCB5kOr7yL0eGRaf0iXQBHB8K39FZVb4dzuFGE3vNL5JwPHcRjc5YKNOe0chFCsDlUejvsi8c-oRt6IuY0XuMMHPTmgxxs-0yg__viedHGsXRergAbwwGo1p157fpIc2-HGP0a5xt_5N5R3BMn65MnZ4GVwVTcDKGqRn2KBCuoSzwzbkoxrEqnnNOFxwTis7AisIOSvFub7k7hveDmajPPuZi-_nwkWumyMv6t3KK1wxaCvZxWjhzTcN1-pjGKMBsXgANoEbmZA_uu0KbriQcAmSQsQhv6GGJBk-kNvQo9bMLzbbrzM9eTdivP1PfH_gERwxMhRm7z6UndFBXkHd-phX4rcMpJrxakQKL7WMNqs3I0-AZh8u5CrnRd1CuEf1wfJUEpXr9Oky-cRiDaubueblr_Fz9hxlnFihULWrAe7mGYhaU1LRm_AAh9CzmajoOMd-7gM67x_Nh2Y_SQJzgM3PvbAKG1W7BxC2dE0KrQNRSgOLI9q6lwvcdTQKCcLDyQJExwnkTJVp46ktTeAKd7EDCSYUS-5VKLH7m4O2x1jAIxsuGNIbdoDMTuR4LjTZYXjm1rZqYSsRaWNhAAXDO2J8NO_SdpFHAezpG2L3-915U_KNd2fwUwKdOQIJ9jczSB9MAk8FV3aaegZIzsR8RRofSSZWE83i9ssS6joQmhW1y9pYC-soM5QOKddV9AeN_nWPdJc_GIsaZhZAmi8zVmWuFl-P6giUO8TmmzTTiJ8GLZ2NjlAYHsdtOf9CZYmNsiCvEjiEezJI3bQXnUcKMQoi7AUiWGZa5r_TWSsPvWPkbrF6XybToSdIvcB8YuZk66aJVO87u1HV1Xtn16G04vuPO6X4I1aMcfInBhBnf6gGeAPdbkUL3t4-pQU3wlSJ8dIg5Zb2hIJaWUbhXKk3VIV6v8KZpoe9_4dN4nV8tPCK_G_wNbgPQ1BBMUxZpiYAotPTsImiIqIqOM_jz6QY84YCtJmL3npM7ImtRLI6AC8dQ2y30mn8nd2RZGpKCMBS_YSa2V-lwI2WtfCH_ctvaDXSNkwWAUyih7mg5yPi1KFs1LuzBU_w8-lJbUrf-j5TJqbbjDIHZShWwQXulqVCYlKh53FUtUqeS3xea4d1Ps3V6GQDWxbVt5R52GDcYcd4hYjaq6_PPP7RXAc4mM-QrOFLu88r2eUP5vzIeqz8e3vM3RcZA4nU6aq8j3NTrkUdU1VeW1GqyYVF2wyub2KD137ytBr4Uhhiwi9U6He_Xki45qC4kmb37mudqwmbKthf6Y_7cnnUFYGU8azWkqKhpR4_rdEyWl79BRwsoNs6kRsHfloaMszjX4SCA72Cf7-3UnpdWQiIQ9BUUgVKuNXxrigb3K35Erj1x7Dt6OwJoy7KNT5z4e22QtvDXNIlM6Qhceea2IDUhby6ktIIfhWF6eNFR8fxNoW10wIckE7Ll1ia0AkR9zRQ5NWS9DnDV_EhsIfGTeGtLFu9jgpeRunOALxYJQe4Z1BC57YDyCgPHzHNGeYcqcmzYEWWhYLAzvnRv-YM7e7IgT9P9exAYvw03I0Ux0RTGFl1U_MpULHbxzl7WhnfOYZND5TMgtKwQsMRWn93B4jjMQH_Siar5wDcXrC92ebR5v-TXGX6JgbLugl4AvNXKRin2Gq0kOTWwvYA4qomZjHFSyk_IiWjMdIo3kzo9A0xbtQTNDBM_HkTNS27-ex3xv12-cIZlzhwXR5zAD3v4bSBCeoNzdT_hGUSibl1jid6EwDoZr8XLXMplXvXn8QBL1Nlxayy_t3WexD1XCDTJNDsWvxLazD1IOzBAzgOBGrjUXZj1-7NB46DTIAlbIkLw0ZB_4E9JlW9jHuN5K8sYVlzwgU25kxR76Rr-50c6qxp95PDhppZWsjvhr8AP0IOJIfuKs9__z81_B4iKxUZnr8P9n1rTXGr5yko9mrxhsIcWbYE7wYn6vA9DMw-Ac3IZOJyCLndWDLGaIHFxugRzXs78rIxLrPhe7NeDM-6xpIZqkXvk6lcS3GwdMwKRaMu9LQkY-vwWhj3Wzg1u1Xk_e0YjZoY5TJ334eWGsZXZbq6CJWuFaanXxIgOK3qxhE3J2hy55N0i6bhxCve7rTegUwpxquguvx7Mfzhygpjc_1-bFAWv0BTZsXwScqZBLQPZKble4_ssJWrfKUBgRTe_grA8pnlYPhqWIJf4NwxrWlqJM914JPzm7b3Au-aAukWcC_5p_NNJkIgVWI2imEu5A8wZdpCrAWroP0sl2EIdfefsEQP1ogdc4cT49ilaJrNlHXN79r6gAcKpj0kfRj_Rn8hh9HHfStB-VC_-KeeZbDxf1NpuqMyR2yaszus7CBtHRMu96hASTJfJ9bY6w_6AZHAh1vQGNaFW2Hm9MbHHjt8wdFFjrrgTzad_WhTISfHG_udqdmPhtOuHYpj5eBrmb2BV13S8vJ0vPi6dEj5bikCCynd-jzuJs2WPc4-kUEtv3UKs9Rgsc_BG41Ugxq-1R2xmlQIZIJhu7Ts0mKZdD8v21gEB13Jbns7vBmWsgvMXoDJwMVtM_aHI-AWwtpMY8j745TxPUFfUSkBBfLJMFHGrzQfL0WL6LYumVNzNXj4KHQUau642to8ZDphu7crZ2Z7v6BhvIB0Gw5gYav-vsFAcZ9BXgraJjGeWXBfISrT0BQN2VbCmUY4zy5QWwfS9FLkS2rdA0QbyetI0NA0eQccMS1Nt1XyEg3AtJnzsJy5S-KTuFV5FNAwnIfovSqF9HiMJpRcZyGiBxwfsyQtD0W2BpoTlEjCn6Wy-_WqJjrlMyoSq9OfB5uWqAfrQbRxBHKtWZHcw2LW2nV9ojP5pk2S6ApVW7iZ6Vp-f1SVSCJkmD58D2C7jlzBBXi_GPceXvdj-lAuI1RF1HCUTQq-3NWXlf1iiWYbvqCANrMGB1E8ojlwGKUJNm8jF-stLm5ItmkhgX3da74LXre7drW3jqbF5eEP2Joa3cSm7MdpTRDoo5OVR3jLoA1pZKR-yy11OFdDccF0sP1MYTkcCnYQLX8l1HIWfu9_r3Wo6jobq5DOTuc3l4ThuLRjuSAkMh49CobhzkAYK0zew1P-rUGmV6rOhT1Np51UdZ4jDdqXMjaH1IQMYHpnA0_BxvtRHe7eluityaSznVyWXaz6VyF5UMw_Xb1V4hGBTqaP_AuegkTGisNrJ9VVscppcL3jE7cC0NfUl_IMRfcK4Lt4-5owWZFVU7qREVy3YjukpHEp2gchjYp5s3RF-WhF-vf6r5T-lqHBhnJghjGLiqgFyvw-Y9ZvjUVTnUDD7nD8nZsNtT6ZOvQbBh4m3wwVcJPQGyq_auwOz9jUJawvsJEobqJx-6ifU_WE3zcK2CoWIiZNsiWN_Sjsff1uLdjAdIQ2MHUoHX3lea884ATzipimmK9mXJYkzBf-RCeUNCxW3XU8TbvcQiNbq9vMtI_RF2XUmO0a43Y08_HMQboWvDibAPa03QP7tyTBH2UbobyCA6yaBWdK6R6ectBRFOUn-hLUmxpsABNqwhSJHnXSIP8YwvUwktP9SiCGLd3g1Y2YreAV96_1zk8bzWdUpycbPbgLKlWQERogBKlYRtHQXjRvzUM6c99Y5YQFG2PGYQ3nG4T4nMa7H12iwX3y6m49TcpPW2-MiAiI6KCNepm8Bvtp1owKfrcZjJfrBBBa3EKGLUEiPDhZ8gOh54mA7D4ay6XkkM8rtfAH6wXsjqPsAx3dQpRpxSTxLKsJT5-Y0IAGwSvsmUYYcpGpVkOhBGQ4VuszpFSjmRPzu3opK1MH8goeLsNZ0wBxDtgkG7eT32kZvWZzT8atRWJiqYHX1XUK39qSuCFs0dXmJb8B2zh3AjdD4SipCSup5mmHHLMx&cid=CAQSGwDq26N9g5a3Jwo1Cpcnh8jypmdQsYyvBICyQxgBIA4&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f154.1e100.net

Software

cafe /

Resource Hash

6d050c99dea05159f9825f14ec2385eca6cdb49ae22fe0ab4b3e3e7f452ae973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16276
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1E9E 0
0 67ms
66ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cg1EMgBlOY5bvBbOix_APgcOI8Avvwv__bObbuYjJEOLFuaW_NRABIJbg5k1g-wHIAQWoAwGqBOsBT9DMh8rmqy4EVwgnr2iAXfzf4COKfiAt-vaOL3NLxNMdp8fK_GSx7--bIq-flcWuPKw7wIKroZHfLFy32HfJPUNJduJxIitvbgaakYG4-ayp7NqCC9XucSgbd1kZbZzr5vpEqkLBhw-WpZnbgWzbmYIKPNRYTWpiiiP5C3u5vN8KuifSw2-wooBB1X-24LFE_uwneTwDMRVhjoY64CauH34ESr3Lwm1qRIQN_FsHCzJe_U7SyuCsE-JiHMXfO4BLPrJ5s1Oskl7DO_zs7vtNRi3WpO3Zi2-p2oOX9ca3D7vweVBD_Eiu3AiBbsAE8J_soaYE4AQDiAWLi_iBRZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH6b6FyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHCRCSZxiOj5_VAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBsBPE3-0QyBPElZzhA9ATANgTCogUBNgUAdAVAYAXAbIXHAoaCAASFHB1Yi0zMDAzMjIyNjk5ODIzNTQ1GAA&sigh=1ega7VtPiK4&uach_m=[UACH]&cid=CAQSGwDq26N9g5a3Jwo1Cpcnh8jypmdQsYyvBICyQxgBIA4&vt=10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=3871522323&adf=2234457717&pi=t.ma~as.4895294644&w=708&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=708x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=1&bdt=233&idt=228&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QAa56s5WAh&p=https%3A//qa.bb7r.com&dtd=440

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=3871522323&adf=2234457717&pi=t.ma~as.4895294644&w=708&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=708x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=1&bdt=233&idt=228&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QAa56s5WAh&p=https%3A//qa.bb7r.com&dtd=440
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 03:12:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1E9E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c375536bfaea07826a6ac826691571482b7c4fa9236eccdb50ad7fe21cff29bd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 677A 0
54 B 362ms
121ms Ping
image/gif 2607:f8b0:4001:c02::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l9dmq6qh&c=5173871344566&slotId=2586935672283&qqid=CLbM66Tn6PoCFUUH4AodJ88Hxg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c02::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 03:12:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 677A 15 KB
16 KB 83ms
54ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 37628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 677A 15 KB
15 KB 92ms
64ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 13:27:29 GMT
x-content-type-options: nosniff
age: 308671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 13:27:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 677A 0
20 B 62ms
62ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CxxS9gBlOY7aMBsWOgAennp-wDO_C__9s5tu5iMkQ4sW5pb81EAEgluDmTWD7AcgBBagDAcgDmwSqBO8BT9BXFfVAH8A_jX4iaCPvNGsFXKOSC-6sFpWMTaolZfMZYqOoa-dLmeuTelE5anbQBQJ2MZq0P_fQSa3KBERhbOT5C9MychKba0FJgfuyKoigeaoU9rHycTeJcY9aGyHJFc1GSuHgdwQX_r83YWysni221mB7BGAC9WItLLXGBGtpObqrXIYKIYMvTq1lh9SidKsK0ocYMmprqnZtZAtNS_YGmuJwnLrTULyKRXObB5qlOz9DTKmgH1pZMLM4oUyaeudmabgIbxkTROhnq0ZMgowPS_bUNr-3rJ4_Z628pl716HaRlCAe4r5Secypms7ABPCf7KGmBOAEA5AGAaAGdoAH6b6FyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE8Tf7RDIE8SVnOED0BMA2BMKiBQE2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1666062720716&ai=CxxS9gBlOY7aMBsWOgAennp-wDO_C__9s5tu5iMkQ4sW5pb81EAEgluDmTWD7AcgBBagDAcgDmwSqBO8BT9BXFfVAH8A_jX4iaCPvNGsFXKOSC-6sFpWMTaolZfMZYqOoa-dLmeuTelE5anbQBQJ2MZq0P_fQSa3KBERhbOT5C9MychKba0FJgfuyKoigeaoU9rHycTeJcY9aGyHJFc1GSuHgdwQX_r83YWysni221mB7BGAC9WItLLXGBGtpObqrXIYKIYMvTq1lh9SidKsK0ocYMmprqnZtZAtNS_YGmuJwnLrTULyKRXObB5qlOz9DTKmgH1pZMLM4oUyaeudmabgIbxkTROhnq0ZMgowPS_bUNr-3rJ4_Z628pl716HaRlCAe4r5Secypms7ABPCf7KGmBOAEA5AGAaAGdoAH6b6FyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE8Tf7RDIE8SVnOED0BMA2BMKiBQE2BQB0BUB-BYBgBcB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 03:12:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 677A 30 KB
16 KB 93ms
68ms XHR
text/xml 108.177.15.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AJ_L9oP1HdHLw8F5kPhD02xwuQCFm7yHY02SUh9--IFX7SDqFNDEkHh71zfIul0ZAhc8nCzc9Q0yjtK3_2813pjk2luw&cry=1&dbm_d=AKAmf-DLsGNMVJAjAWIVTEw0kgyUqn_2HyBZCBURXptr73s4PHwwgVS1D1VMsJp2qwg_8zt9IB8e0BGfIuoKrMHh4P9pAa1wveRp_0ge3CETThS0TkjEXpfWif1tEu-VgvAD4pqlQEPXmv9ziRFcQhqkakCVu2O64vQwmy8BiAPObYle3laeE522kEd9H5WIedL20MFyoILnLcE0_drPlurrvbvwDIb5Ik5mp0ExPLFiqwTEmDcRz_WLp4MFqnqhlUUrqT9Y1jvkud6kris46xWQcPLe0oSYlXrkyWxVubh6UUHGiqxpx7nm3H7_DbuMx6QWyeUS3sOkhb9jqS1OfGfPg8zMjKgfPyN0Lc8mHc_m3xf8qbckel99M4ZYzLffS0hXscAdttPzbhMk2oK7sVsvlUt_RklwGOEixgqdoB12rVsiMHSOx6k4qcAmXHeyCASa4zzfhb1R1iNe1_eBABKdkXLbhaNxhriIaYw4_elokEy1onW6gh8hL3XybctMpNmXkyuzZyeSZK-87vT50e9uiLFJi1fkibgjqLYXLTCsdFWUUljsn9CoSYtqcNHVt7Cw0-m9bEqu_KWweH8a_gsMVon8l7zNhZjxWBgDMBhPZ8TGX_FTGJ87wBYZx4HBOH-kPxP5b5a5APXV9Q9uRH5XV7mdF1KWLrL12ltSPhOeQzKp0UxKG_sMZp_8fvt4gJAl5vDgIgu-XUynPVbsbnlHGyJywIHSWKX6sHJlUxKsybaTIYsd_wOhNpkfcoFfQNCmExicjCMFs9cUoXS3emtBuXwF8GP-nRn3O4EZHy4TjORWKrzW88cclGo6EHmJqnPqmbYvQxjwjPvZLf2MInC8VlDt3U4Sa5QT3ioKa6RHLAsYcQOPf7Mvjx7pd0o9Cjw0oC4VhA6i0ADaPaQFN9BR178dw_KISTz9yZZflAYEddXPvskkpF8e-j4ZrFi_1zN5wI2jYs2bghpdgbh2wuMXQhK5GRK9vkNVQv6tmw26w9P2coxxdoUiut0-EWWZxsmuJN7ykRGpLuNv8DvXUWcA0uZQLcIap2GMPUQjy9srwSibb6895-3vaIfoqWU2oHvBegTNOKD9V60aBoS5fJU_Ajq25xJSMiua7cZOBBdh-W0NhKx1BT4M1XyDN4oQqNSVsMtrHum2IeyuBFXUv86TYU9rW7lNfyCFALpxYpjHBXcXU8ogFDBF_ZZEoTjt1rSoDdpu9olAWh3l6B5ue3XQ3xNn5rjUf9RGW3CwKLMITP7mmf6tpliO62WfYflmnoZQhfqFHUxEClsX5mTgTNtfVV4OVlhxJDjD7rw9LJCiMSrO0hw6nfm5s78al3W4cB03ufwc9Ahz2LV4FBLEkckDyzvklJ-D2Iv_KdXnluvNw7XBojdjN6EK0o-i5nmhmkfSGIBQNVK81-lzf7v0vatidzIDrkaAcFqiDDBabgO57YS1DVhVlCUJcVRHD3A3d0e3hxzdXwkZ3ZlJkBSLZhAynexGdJvb5irVFcDJY1U0vM7ucLVDFr--BM5BSRLuWrDN0-XEG5XCGKsridSklQXW8iGB8vmL7ieWmBSCZlQEvRSj_uetMrBvhqXlL_521yGPeOUk21qUdxFlvjEtn9Xlvumwdja2dY7inzEo5ROxCgs-YomqyY66bv33HsinUZOKU_JUCO1HntF7m1_Vd4ilANBJb3UuWlx53U_TqrNNA_K-xronXK-Tj10uHUH7Is7PrhI1THzQ4yrQYBm6UESGhlfAaydFybL2B3bI66I5CBvacCUAsKTqZTUfvybjVhetzO2m_WT8mVaKeDPN2k_BzVLTObfjTt3saL3hATQy8KK799te2vrgTWk_Vg6LNQocCa0O7A5SoGIAYFvyoZfaHh-svXZ9yPptvpV0f8Vr-Q2T8vRF0nHVwBtyLqHqIcCaHJUx1WDJohclVe8BZLVkAtj5g8XfW1lqd3o7Jb4dmOWfo86NofI5_vNWJi50PXOQtBZjjjZ2L6Q7AQk2QKFk2kA2CmnHH62BZL-S7CMaehMqMoweKobcZjqaWTS2OiONDwpAJvxjW-PTjL5JsFi_En4X9YQmXnD2fttK5DaJgPX4E3OeqKBWS3wu2QA6hSxdtKs6MsS5sDVF6dBxl-LoVI_mSNG0Sfllq8eFODCSbO4W9dObFaOBtVJo4U5Yd4RcIBM3hVAJtddyI2z6Yui0CK2rdDcWXwYCHWI7nOywNOEHaAbxgyiG-4Xy-X2H6n-GPyGoJUHM8RnaS1QNuUr0SPow_95tD9W-GhnB9zrigxVjBAPHUPkVJYrvGv1RONBTjCCFnsFXjH5UYgtsYgf0YtyEO9ZVGAjdAIX--V5Vl4q7r1z5cBI8vDctKALxPAXfawEQHLpH1tRT_8reqkUNgTcdmxGi9Nv7B_DleYLCBpllRzUyjcWxbuDwZKwmKOxl2domzOQw9CDEXzI9lBNvXRwIyTLxvaAEVGzHxpsgGJYn9LzadEwwMgrkuCv_q_F7p2Q0ddvi4yd6LHqYn23MJFN6Q70k6c1dYCNcrw5CGH2u88-Q-8AO3rovTcH17OYGGkfYvk_bOW9VHJXWB6doGfEgLRCnoD_TZBnUlLkxZdFKry16NR5s2yol4cd0W4nFNPdNNM0DFtnVJaRH_fQxr5zySaO9hidvBIfsbmEmeJiYn5yxoY2c-njqcjbGcW0TIuAcRojuf6IneaMN7RNFBkls8ayvpHn23EST4WD0qCvLwoxFQtt7e-O-1TXyqVfG-GxfXQ3a70rWTPPOQPp2Lr7QNZdltE01sTWc11QStJulA8pV9sxCjVsJEI6Db9G6KAnafMQyJmw8-GEH_YPkv287Z2Wd5iPhH6ROPQPj_SFWPlFAqXAv94SUKr8w2nxevIKkp0uSQh-6_s9IQWPw9dDxaFeyOc_Mpr3JwNP_914f6OUDjD8cbyJCMeB91HaJB3eBC2NhSYPoc4uoAOYpV-Aw_lKO3FH7pfT7JlPNmj4CDyF07QwUb2kXpxPgnYSnZe_tnAA40GSpQ6IT2x2U8w4xE65C-dTvNiYotY1wqjNRu9h9zVEJZv2zjcE0owETLfvDqK4iyyLtyqEg0UhxkGEJqJwpHIIxkkDa4gRMZTvq2trfat1qCxYa3XR9zEvLajePkioGBs7hCLqgsJvQQA3OtrTqH4FRbGcQsp6AdDWAz1CUYdjnzYmM51-wgwVy0ZgTozZRZ0FKyFYlbp3PvBfbcS1DV8Bkk8gAPLBpxpEQMuibBqGXWlCWyyMjFcYvcn6MNo6LwvEpTUgeR1rMGmy9arx_n9YKz60Dhg_E0UWOFe_m94ERukd8x89NzT6MIH_vVkq71MhYnwF-AGt9pGiqc1G1aIUPM6J0RkV9kzij0vYLP1dlkMTJynbfGzU630XBRzspE4-WH4ZDR_VHi0gkuRfm6-2AJmZe_90GYGoipom5Rvxi5VxKIPAfpd5T2yZZs3Ls7YO25eC0eRfRWbi2vLVxs48U9zDcuzLS6I6OdpVl1Ywdo-ri1GD9AOpbS8HhfnqhnXsQZUT--9p8Dfujx1MDEW_R-tLK7u9Uj3uPC66IEeocWMlmTtQX_PtaopScqK-ZKM3SU8uMIcPEC0bn3si5nDFtLGjFp-hNAnm4-Xh932rsQxENUmaxnKuSkeXdG-MKQghV-Xutp1JQMos-OGYozdmpUcFycrgN1dKvBXiQ2Q3MkbVNN--E35XRdfBjH5ihfqDwtoeJjcu2rl5r-1Q2WGcyOUmHa1KMPHfnQnmc902_qay835xytbl3Fux4-0ZpCMj_fn74TeenDsAnf44-udsyG24moTkB09831App0EyleMiVGqjq29vOBsn6J0mJAhMQzZw9mBIe39BwxvuHs70Pgf3G0rdXMZTP5DJ6C-tn8kBJwsGp3RMEiGEI-0EhhqMa0kO2bRSQ8kEIJqNXDz_FUp2fcXCBqVi2Ez0X61Da1Rxiuk9thZz9Q0LJFctV&cid=CAQSGwDq26N9OGX7iSd12dkMQzku4mGTvUQu7RRMrxgBIA4&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f154.1e100.net

Software

cafe /

Resource Hash

7b4a988a5bd950c3f9e15809e4f6dc8aab2d044a4ab135a0f7209f91354e707c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16499
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 677A 0
0 65ms
65ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFr3tgBlOY7aMBsWOgAennp-wDO_C__9s5tu5iMkQ4sW5pb81EAEgluDmTWD7AcgBBagDAaoE7AFP0FcV9UAfwD-NfiJoI-80awVco5IL7qwWlYxNqiVl8xlio6hr50uZ65N6UTlqdtAFAnYxmrQ_99BJrcoERGFs5PkL0zJyEptrQUmB-7IqiKB5qhT2sfJxN4lxj1obIckVzUZK4eB3BBf-vzdhbKyeLbbWYHsEYAL1Yi0stcYEa2k5uqtchgohgy9OrWWH1KJ0qwrShxgyamuqdm1kC01L9gaa4nCcutNQvIpFc5sHmqVjPqEWodrPaMudJtq7_HgtY5FeCv8w7LElHe3EZ0YGhSZTFEXZiAV5SxdJtTZ35JQd9nq8DAZNHqhjfMAE8J_soaYE4AQDiAWLi_iBRZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH6b6FyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHCRDhXxiOj5_VAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBsBPE3-0QyBPElZzhA9ATANgTCogUBNgUAdAVAYAXAbIXHAoaCAASFHB1Yi0zMDAzMjIyNjk5ODIzNTQ1GAA&sigh=AUXeXII1_2o&uach_m=[UACH]&cid=CAQSGwDq26N9OGX7iSd12dkMQzku4mGTvUQu7RRMrxgBIA4&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=1134426763&adf=3132389021&pi=t.ma~as.4895294644&w=1004&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=1004x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=1&bdt=233&idt=229&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280%2C708x280&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=RBLwJMuogA&p=https%3A//qa.bb7r.com&dtd=444
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 03:12:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2B7D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b248d607d050f55b811806754ff9b2a24e9a21e4d2891ab259fb02c164d2813d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 677A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cce9465535e558eedf600da4d50cbc7e5672aa20cab77e5f1cb240e9673a6d3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 2B7D 28 KB
28 KB 79ms
26ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 22:13:37 GMT
x-content-type-options: nosniff
age: 17903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 22:13:37 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 1E9E 41 KB
15 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 11:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 11:28:47 GMT

HEAD
H/1.1

200
OK

file.mp4
r6---sn-25glen7e.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697598720/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 1E9E
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697598720/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r6---sn-25glen7e.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697598720/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

117ms
26ms

Fetch
video/mp4

2a00:1450:4007:4::c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r6---sn-25glen7e.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697598720/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/499F37681B2B19AF6B6869A16D595E69F39CB256.1074CEF1B1668CEAA7A04E83A5BC529234EEE56A/key/cms1/cms_redirect/yes/mh/7S/mip/2001:41d0:d:364d::3/mm/42/mn/sn-25glen7e/ms/onc/mt/1666062457/mv/u/mvi/6/pl/46/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=3871522323&adf=2234457717&pi=t.ma~as.4895294644&w=708&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=708x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=1&bdt=233&idt=228&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QAa56s5WAh&p=https%3A//qa.bb7r.com&dtd=440

Protocol

HTTP/1.1

Server

2a00:1450:4007:4::c , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 03:12:01 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3993004
Last-Modified: Thu, 06 Oct 2022 16:17:15 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 18 Oct 2022 03:12:01 GMT

Redirect headers

date: Tue, 18 Oct 2022 03:12:00 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r6---sn-25glen7e.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697598720/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/499F37681B2B19AF6B6869A16D595E69F39CB256.1074CEF1B1668CEAA7A04E83A5BC529234EEE56A/key/cms1/cms_redirect/yes/mh/7S/mip/2001:41d0:d:364d::3/mm/42/mn/sn-25glen7e/ms/onc/mt/1666062457/mv/u/mvi/6/pl/46/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 677A 41 KB
15 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 11:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 11:28:47 GMT

HEAD
H/1.1

200
OK

https://gcdn.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697598720/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r6---sn-25glen7e.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697598720/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

116ms
25ms

Fetch
video/mp4

2a00:1450:4007:4::c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r6---sn-25glen7e.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697598720/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/52A39A4D1AF7D7D645B13473DBC9DD5796D05C9F.2BB5A8CC9B315DA0FDEB063147FFD99208C8909C/key/cms1/cms_redirect/yes/mh/7S/mip/2001:41d0:d:364d::3/mm/42/mn/sn-25glen7e/ms/onc/mt/1666062457/mv/u/mvi/6/pl/46/file/file.mp4

Requested by

Host: qa.bb7r.com
URL: https://qa.bb7r.com/4/profit-from-affiliate-marketing-earn-money-from-home

Protocol

HTTP/1.1

Server

2a00:1450:4007:4::c , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 03:12:01 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3993004
Last-Modified: Thu, 06 Oct 2022 16:17:15 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 18 Oct 2022 03:12:01 GMT

Redirect headers

date: Tue, 18 Oct 2022 03:12:00 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r6---sn-25glen7e.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697598720/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/52A39A4D1AF7D7D645B13473DBC9DD5796D05C9F.2BB5A8CC9B315DA0FDEB063147FFD99208C8909C/key/cms1/cms_redirect/yes/mh/7S/mip/2001:41d0:d:364d::3/mm/42/mn/sn-25glen7e/ms/onc/mt/1666062457/mv/u/mvi/6/pl/46/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame FF4E 36 KB
16 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3003222699823545&output=html&h=280&slotname=4895294644&adk=1751201938&adf=2334688461&pi=t.ma~as.4895294644&w=748&fwrn=4&fwrnh=100&lmt=1666062720&rafmt=1&format=748x280&url=https%3A%2F%2Fqa.bb7r.com%2F4%2Fprofit-from-affiliate-marketing-earn-money-from-home&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666062719585&bpp=2&bdt=233&idt=227&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2153693303794&frm=20&pv=1&ga_vid=44883776.1666062720&ga_sid=1666062720&ga_hid=59906283&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706%2C44769306%2C44774293&oid=2&pvsid=175763747972834&tmod=302924078&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XpE5rgpCCy&p=https%3A//qa.bb7r.com&dtd=435

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 05:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 05:27:36 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame EA19 23 KB
9 KB 27ms
25ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 354513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 00:43:27 GMT
expires: Sat, 14 Oct 2023 00:43:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 5398 23 KB
9 KB 26ms
26ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 354513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 00:43:27 GMT
expires: Sat, 14 Oct 2023 00:43:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame EA19 36 KB
16 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 20:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 20:10:23 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 94ms
41ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221013&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3394b5c36ed2c5d2534578a23fdc1db0f08cb13e866350984c0b2feea1062f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 5398 36 KB
16 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 20:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 20:10:23 GMT

GET
H3 206 file.mp4
r6---sn-25glen7e.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697598720/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 677A 97 KB
0 42ms
20ms Media
video/mp4 2a00:1450:4007:4::c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r6---sn-25glen7e.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697598720/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/52A39A4D1AF7D7D645B13473DBC9DD5796D05C9F.2BB5A8CC9B315DA0FDEB063147FFD99208C8909C/key/cms1/cms_redirect/yes/mh/7S/mip/2001:41d0:d:364d::3/mm/42/mn/sn-25glen7e/ms/onc/mt/1666062457/mv/u/mvi/6/pl/46/file/file.mp4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:4::c , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 18 Oct 2022 03:12:01 GMT
date: Tue, 18 Oct 2022 03:12:01 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-3993003/3993004
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3993004
last-modified: Thu, 06 Oct 2022 16:17:15 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 206 file.mp4
r6---sn-25glen7e.c.2mdn.net/videoplayback/id/000f355987aee7c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697598720/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 1E9E 279 KB
0 41ms
19ms Media
video/mp4 2a00:1450:4007:4::c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:4::c , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 18 Oct 2022 03:12:01 GMT
date: Tue, 18 Oct 2022 03:12:01 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-3993003/3993004
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3993004
last-modified: Thu, 06 Oct 2022 16:17:15 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 03:12:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3940 13 KB
5 KB 26ms
26ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.bb7r.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 19516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 21:46:45 GMT
expires: Tue, 17 Oct 2023 21:46:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9E41 783 B
534 B 93ms
38ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

219fee1c0de61cd228a985a1189681f9f2e96bf773c1416ae718a4ff81ce9329

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HiMO-1cxAPXSaQVLccFjDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qa.bb7r.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-HiMO-1cxAPXSaQVLccFjDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 03:12:01 GMT
expires: Tue, 18 Oct 2022 03:12:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 43ms
42ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.4217750055355456

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-3jUJx7JLNJBJWtQORw6Zhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:12:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-3jUJx7JLNJBJWtQORw6Zhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 79ms
79ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=3.551439285392177

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QyM7EfbThFgOrw5l9kQcDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:12:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-QyM7EfbThFgOrw5l9kQcDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA19 0
20 B 67ms
67ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BxvuxgBlOY8GAL4qVzAaS5I1AAAAAADgB4AQC&bg=!k5ClkNTNAAYeOJy_Pjg7ACkAdvg8Wii22DdnmKrOk4JY_MCVaDN-QnDNoQxslduBg-eNEEs-M5cq-AIAAADLUgAAAANoAQcKAMS2oVxNAUA5jngmuyWY19XwVVUBSXizCMA6Eo98ZWrUFuBopi9K0FWpVWlORbqn9HNMJEz2pWLEmqd8P3Cn3jRUCMOi4P674vOoSZxstHKnkii7uN8vdvAqlB-2daaEcyXWBtFNTSAoyuYPyicAZpNvf4yvAGsHXYm7edvw5IFiGewNE1KxYu3qQFZ358qYAHFaBjoX0EYu-V_vA4OtyFtQVCE-V1DyDW_qK6nmdXE24rt8EnMruK3EyzqMaTHPFLdrK5W0mQLOY-XjYYXuKiEpNfZtusIjlvO-twPR8itvF310qGRmZD8SREwtHVyerGVxFHQXOdJe1aoVHMNHs94CpNTAjRmW2s9Qho752pSOmCncnrcApHDJBnBfofy2nFlwh8dEXdRQNVp0Gr44q1vQ3ZKL5PzybyEH-RDShfHpKNursVZif4AnjlpfnfBpr9Snj5QF9dHeHCSxyEWuZ4eDwcTWAPAvNrIzgXiQyYDHh9GAsIBZHZDyYmi_s3Cs5lHUyTO9QXvXvPAUPNfNcKbgdK-tr0k43LWzKrRwB_9EOZPCJHmuEoOpPl4WO1Mdr0agGE6an3A1ne2nslnJrZGuQ3vFoawbdbDFty_4rNP6Qdm-pNmcOKxpBvwizwXvArIxAKAux4JRt03Ip5KFU-OvSXb02OQ_t7AqYEiiSVMESwTYhluVfuxnlBsH8F8rT7lR14pgSNeqGJWBWsIfd8cy_SasRu741yJCobcQR5csA_caVrsSH4SKSPNbGbdyQH2YH27oR1dX3HPGaNG9p6dGeGxK_RkIt1AIRDqTW2qyS7GJ2MXjedEz9ksiFInxSQZCH5gkAwcVx6ACzEqtoRK6t8wa2zLJG2A_FtpT8Au-xfrtgyjbx27EalY6vqffHbWv6_AC-lhCVjaSfefmbTITon05AkH_hxuFSO7iqyGbNZ08Bv5ck9odN65rkpMdniV2TvsTq425MRtoRhkEepPDC2jtCvrvir-GowOxxk15PGjawKaAdUQu_MascLaioDSjIPuvBOC1PmTSK3pIpWyJNn-N8oOnLYAuweKz4DAKjuiOZrzR3LwUEc635AEnK1DZfIPX1mm6dLoypnIkP_uu2HuFg7az8nSzDzCzb_Y912bgRg4Lb4gGddIHbEhQHZDDFhtG-DpkYdja77uXblxBMKyyu3c9A9WTP_SKjTa_xcfzjNkWI9h65bw7pazgMbayIBBjEQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 03:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5398 0
20 B 157ms
157ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BNjuXgBlOY9zyLozAzAbav6_oAgAAAAA4AeAEAg&bg=!v7ylvPjNAAYeOJy_Pjg7ACkAdvg8WqFnxF1w8wFhQPpcdSeIgwVevDefVNzyWB1589GdLiOnWr8J_wIAAACuUgAAAANoAQeZAsymGqi5EETWKlxjzM3n7EXUsh2Of5VojXyIyMHmqh6jaa8RLwAKJOVU9SxmV6S5uLqsmXRvy-U2sOP8eA9vjnCtonrMsAwZHK_aKB6U5Orrf1I6R2p6dk_MK6V_T74lKpFZtR_DysWmPy_knqUlEHDzqARpG0KIWYeb6J1XEHqxinaDPJWw9rrylRsQs7M0mO9uuk_TO3xhogyKPm5KCP6QDYnGIXibextqAP33FX60YDHgYLm4SWDCYh4leQt2w-g5awNe-SkQ8pjd2R-lyReAgFgD8SxY0VWInXga7-UGayDdbwri3mDKzuHbgU1WcZA10lAQk9HEM-9sMx102FEKR3oBSSlX7vXcOvoYQv5jlWhqzHKSLJji1aOd95KA-FtMqABi4lOYu8kKKcTUXkj1EIaA9Q-97mRt93BTchNXjrdWhmEXinrCBdBraOfL8kOX1V969Yof2LctKAxBWq0QtHlOu25py3WQE8ZNIpwn0LkgApA21IPzO5JBPuRh6YwrQcAtt3FOe8lvGZVQS_uTR0wrvGJCf7fe8xhQh9corWGYn6v-7sfn8wfSY20PG-YOl5xjci2hwysrxTonxWx_WwbCoombZCNFoCAG2bU5VNolxmv0SyxabVSGUcsaVPV5vV3EYjjiZ17HuNwZLr3iZuEzAntGEFEeTt5bbpUiGwsgKtVxvrcssaeaVIT6eKwRj-6F6QisOMgHszHqKyx9BFOAcgMBjUTIbDe4BRaWXOi6ue0MwDQv_X3UG3j1ZYKWUw1r8ZsVQK7whbTfrOUZYaOzfVToK-7LlVVT3Jp4B2ZsBbGXgql5yB4tuNJBSMqaJFuTymnuocK8Zp8YwuFRA8FOJRzvJ6rieJ4qLoBlU8U95uB7f8htLWmyMvlEqZ3CYCucsDR7gc_iK2eHhoUr2NXp_yU1N_RvjHuAco--icLaHNYoMPaqzjdLgQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 03:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 3940 36 KB
16 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 05:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 05:27:36 GMT

POST
H3 204 AGSKWxW7xSRu7r4CeUQhy6w0B437hw6qCeogEpV9D6RukMRcP-76mhEwdvpUJgHV7qAfH43gi0FAJC8oa8r2WVa4v3yoKqzyblw5ax1plmr9z0Kh2xE3Z34hccPYoPMURUdCjEI4H25GoA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 50ms
49ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW7xSRu7r4CeUQhy6w0B437hw6qCeogEpV9D6RukMRcP-76mhEwdvpUJgHV7qAfH43gi0FAJC8oa8r2WVa4v3yoKqzyblw5ax1plmr9z0Kh2xE3Z34hccPYoPMURUdCjEI4H25GoA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Rn-fbMR0p_hOrzgV07MKuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://qa.bb7r.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Oct 2022 03:12:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-Rn-fbMR0p_hOrzgV07MKuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://qa.bb7r.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9E41 0
0 59ms
59ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221013&jk=175763747972834&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3940 0
10 B 28ms
26ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rzMoFw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:12:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2B7D 42 B
64 B 62ms
61ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9EWEfFj2NsK17qV_86kov_ZB2P7cBoZjqdJb-X8K5dny4PnMsWDrzYNZeVa65mnK4qdumYBskbVCGmEvY5Vsysn0nVskNxpuJzO50dgVppWck9kq7VpDCUrU-eY9MhZiWsfxk3w&sai=AMfl-YSs_XJLcD-8EJ_F4CWLDKmyl14IjVdvQTF0k4LCOSqNV-s1NkbN2dzFkaVoIGo-pPktesAMQgPK5le5Q-Q&sig=Cg0ArKJSzKd3m2N5kHq0EAE&cid=CAQSGwDq26N9sZrk-dr2h58iN2COrwoaos3umtzrzxgBIA4&id=lidar2&mcvt=1000&p=0,0,280,748&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1751201938&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666062720021&rpt=819&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 03:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
63ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221013&jk=175763747972834&bg=!qqmlqe3NAAYeOJy_Pjg7ACkAdvg8WjlT7snwJHpN8zFeunofpw3eAtmEmoIakJyfkpOmehHC7vzbpwIAAABzUgAAAAJoAQcKAFWwigj8nUQH7JEgazWdgUyfRadRl5dDj3rDXmDEncBSl-TD8vhdHQdg_SEX2uzEVw2ZC6kR5ynQ8DIXsy-PnQiPA6mjZ4QY1toalH_FIgPD7KT7RLk6mQKdxAEsMUYhnSSdq3vNGVeIQpMzbF9z4AOTUz_2TLos29UrXUGsia_5_H_yX_oJ84wRlgKjWnIFFnG5dYn2-a_3f0U0FpThuwNeskkn9kIcPBHR80txqn0ouMzpDGvhlLINGu17-k2klv-j2wTbj_zNlltvZh4JkE9X6VBqD9WF8g4FvCiitHMLEzfKRfmQpe1papLYeRYHiKHifqfPzF2K9ePXIviHsy-wHNj0LKGWavuBfiypBbotryUKKd5y-4NqIO6J1j5CMqZoEgSdNSr34-ILggCg-hN2ZBQJWlVh_tXKdCNtMW7LCOTVWxg1xD2jOWWHvtMv6MOV4HpbHa6xLLLitj6bgkwz14oW2aNC_Bsuvy2_wlqeMYLLusMSZDz7dGNx9CtyvwgUbi8l3IPUGyXUAB6JFHX3I3yxKdtlGhCCt8zSBUUq_oOI3_41KcCB--R9dQuYnl1aqpb2uy5j3z8GX9D_vhtW2N8JMcOPOI_MtCZqlzZmoDGzSsgX83Lx61sk7AG4y1Jip1Rg0dqHpVDzm4018lxeCC4WyKr6NoQZamAK2NiGEH2P5Pefe6QNCwN7NT7H0WQQ5KN_FSpRB8o6h_C-ZJVInar7AOsx594uro8V6UjblcSDJgdnCj0hscEFqAVtYsxn2H5Cg21k7hJTisC1854Wvwl6rx6QlzPdK3dAlZttm42h9AttqDWTpIRJ2dKsXkmtRe7sfIoeilechsLCH7YNplZhLe-qXprFNxc7jb3ZMqi_LFiIvSjRYZaEFi6FHbQvEIZOtqiB_ESYfOGNKYWg5fkVTSWmyxUtKEWMRO_bOdTTCKerEUiX9HPf0DNTI8iRB5OGxgMuDesWIq3phjSvC0rnqBZui_ESJRuWFmVgfknXgE0C
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 ad_campaign Show response
fundingchoicesmessages.google.com/f/AGSKWxWGKMCvJ7jeMBfcOjzoAwaruUieKOz0Jg5ze2-3jj9QTBHerR6viCBuZqJbXy8xUTuNweHTGh5iNgW-RFcOeRygFWngJqZGS8F4w5tSjkl3SZWTVRHPsmhWoPk9JpnH_pwA5CBSphzQSA444IB2lfSTbspPJ... 54 B
109 B 43ms
43ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGKMCvJ7jeMBfcOjzoAwaruUieKOz0Jg5ze2-3jj9QTBHerR6viCBuZqJbXy8xUTuNweHTGh5iNgW-RFcOeRygFWngJqZGS8F4w5tSjkl3SZWTVRHPsmhWoPk9JpnH_pwA5CBSphzQSA444IB2lfSTbspPJ2CWRiwzBm0x9ZpmcKPdgUPlgvAYD2UV/_/ad_campaign?/adcentral./amazon-async-/adblock-detect./adsline.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr.7VvfJ1WUg_U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMy77ggu6N9zBoDiH0QafllMuHyxbA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7477293567fa9e15b31ee3d868c3cf435977a61c077630db738920c98510590

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0SqLGTG_OXXkVcygqKmxjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:12:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-0SqLGTG_OXXkVcygqKmxjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 63 KB
23 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a139caebc5a7c4bf78945ba3f22a3ae9981e5e8d6f10a2f6235d07a438eb0c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 02:55:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23659
x-xss-protection: 0
server: cafe
etag: 898360552121563568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 03:55:04 GMT

POST
H3 204 AGSKWxW7xSRu7r4CeUQhy6w0B437hw6qCeogEpV9D6RukMRcP-76mhEwdvpUJgHV7qAfH43gi0FAJC8oa8r2WVa4v3yoKqzyblw5ax1plmr9z0Kh2xE3Z34hccPYoPMURUdCjEI4H25GoA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 42ms
42ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW7xSRu7r4CeUQhy6w0B437hw6qCeogEpV9D6RukMRcP-76mhEwdvpUJgHV7qAfH43gi0FAJC8oa8r2WVa4v3yoKqzyblw5ax1plmr9z0Kh2xE3Z34hccPYoPMURUdCjEI4H25GoA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rCVSPDS9SDpZFjN76KgRLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://qa.bb7r.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Oct 2022 03:12:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-rCVSPDS9SDpZFjN76KgRLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://qa.bb7r.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 677A 0
17 B 362ms
121ms Ping
image/gif 2607:f8b0:4001:c02::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l9dmq6rx&c=5173871344566&slotId=2586935672283&qqid=CLbM66Tn6PoCFUUH4AodJ88Hxg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=914&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4001:c02::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 03:12:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW7xSRu7r4CeUQhy6w0B437hw6qCeogEpV9D6RukMRcP-76mhEwdvpUJgHV7qAfH43gi0FAJC8oa8r2WVa4v3yoKqzyblw5ax1plmr9z0Kh2xE3Z34hccPYoPMURUdCjEI4H25GoA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 43ms
43ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW7xSRu7r4CeUQhy6w0B437hw6qCeogEpV9D6RukMRcP-76mhEwdvpUJgHV7qAfH43gi0FAJC8oa8r2WVa4v3yoKqzyblw5ax1plmr9z0Kh2xE3Z34hccPYoPMURUdCjEI4H25GoA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-92X_C_A1mcoPFO_2fLzzzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://qa.bb7r.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Oct 2022 03:12:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-92X_C_A1mcoPFO_2fLzzzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://qa.bb7r.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW7xSRu7r4CeUQhy6w0B437hw6qCeogEpV9D6RukMRcP-76mhEwdvpUJgHV7qAfH43gi0FAJC8oa8r2WVa4v3yoKqzyblw5ax1plmr9z0Kh2xE3Z34hccPYoPMURUdCjEI4H25GoA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 72ms
72ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW7xSRu7r4CeUQhy6w0B437hw6qCeogEpV9D6RukMRcP-76mhEwdvpUJgHV7qAfH43gi0FAJC8oa8r2WVa4v3yoKqzyblw5ax1plmr9z0Kh2xE3Z34hccPYoPMURUdCjEI4H25GoA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nUADuCB0AROUFOft4rvP_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://qa.bb7r.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Oct 2022 03:12:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-nUADuCB0AROUFOft4rvP_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://qa.bb7r.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW7xSRu7r4CeUQhy6w0B437hw6qCeogEpV9D6RukMRcP-76mhEwdvpUJgHV7qAfH43gi0FAJC8oa8r2WVa4v3yoKqzyblw5ax1plmr9z0Kh2xE3Z34hccPYoPMURUdCjEI4H25GoA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 76ms
76ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW7xSRu7r4CeUQhy6w0B437hw6qCeogEpV9D6RukMRcP-76mhEwdvpUJgHV7qAfH43gi0FAJC8oa8r2WVa4v3yoKqzyblw5ax1plmr9z0Kh2xE3Z34hccPYoPMURUdCjEI4H25GoA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lESrrgDD-2p4KzNjd6VEZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://qa.bb7r.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Oct 2022 03:12:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lESrrgDD-2p4KzNjd6VEZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://qa.bb7r.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUrHQPu4iIsvSFONDGLd3--4uYw1NevUskbT7YyxcbkjHSGI1qwtzSY6O4ocdMrsM5MSThI2nMm4pKIG0drFChAdsvz79nX_tvHx1_FhpTROHZNNSMgIDeJEd_7NiBSPlKrM4DHoA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 61ms
60ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUrHQPu4iIsvSFONDGLd3--4uYw1NevUskbT7YyxcbkjHSGI1qwtzSY6O4ocdMrsM5MSThI2nMm4pKIG0drFChAdsvz79nX_tvHx1_FhpTROHZNNSMgIDeJEd_7NiBSPlKrM4DHoA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY2MDYyNzIyLDgwMDAwMDBdLG51bGwsbnVsbCxudWxsLFtudWxsLFs3LDEwLDZdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxLDEsbnVsbCxudWxsLDFdLCJodHRwczovL3FhLmJiN3IuY29tLzQvcHJvZml0LWZyb20tYWZmaWxpYXRlLW1hcmtldGluZy1lYXJuLW1vbmV5LWZyb20taG9tZSIsbnVsbCxbWzgsIjdWdmZKMVdVZ19VIl0sWzksImZyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

93497e76902aeba51be58a4ed484a3b1e10e2cb51e029a82ef70eef5e2cbb48d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-bDu5a2t1DP6nSyJ5MUHzAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://qa.bb7r.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:12:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-bDu5a2t1DP6nSyJ5MUHzAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUHIlxlVBLY_UqvUKYqHIUSggFFh9Ltlt0AclmmVurtkvsmJU17urXA7dS-BjJLGQcMPxKDgk3To70L1WBhifFgpsxbvl1Lp-fj0cy7zHVV9n3MhX-wpl4cwWo8823Ny3EEJBh_jQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 42ms
42ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUHIlxlVBLY_UqvUKYqHIUSggFFh9Ltlt0AclmmVurtkvsmJU17urXA7dS-BjJLGQcMPxKDgk3To70L1WBhifFgpsxbvl1Lp-fj0cy7zHVV9n3MhX-wpl4cwWo8823Ny3EEJBh_jQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QjA36DSJOo_WGCt7XFfj9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://qa.bb7r.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Oct 2022 03:12:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QjA36DSJOo_WGCt7XFfj9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://qa.bb7r.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 1E9E 0
17 B 236ms
121ms Ping
image/gif 2607:f8b0:4001:c02::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l9dmq6qt&c=4899747083691&slotId=2449873541845.5&qqid=CJav66Tn6PoCFTPREQgdgSECvg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=914&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4001:c02::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 03:12:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 16:17:29	Name: __Secure-ENID Value: 7.SE=FiEMZvZ268ntzr1Ao-Ch48hUCixS6DAOj3HxyRY7mEKwGdjzyxK3y_BGkAHrxKWPSh2DRqpkA7FafwsLssESCNOeindCuLtWoBXgbbMDvWis_y16mxu5RbHKzVWgtLDZWusVU3fahI0dBMP6uvZUJ5p33Z88r2IIu_ovyfsqu8o
.google.com/	1970-01-20 16:23:42	Name: CONSENT Value: PENDING+396
qa.bb7r.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1151bda512540c47e7c3b641cf52ff68
qa.bb7r.com/	1970-01-20 06:50:35	Name: qa_key Value: 0oawknvaye7n8cckxrn6a8g6bsit72kd
.bb7r.com/	1970-01-20 16:23:42	Name: _ga Value: GA1.2.44883776.1666062720
.bb7r.com/	1970-01-20 06:49:09	Name: _gid Value: GA1.2.1955107583.1666062720
.bb7r.com/	1970-01-20 06:47:42	Name: _gat_gtag_UA_237003713_1 Value: 1
.bb7r.com/	1970-01-20 16:09:18	Name: __gads Value: ID=ae2cfadd6a77acce-22f2b5b048ce0016:T=1666062720:RT=1666062720:S=ALNI_MYg5dsxkrHTOsglVznERJc4pxBGLg
.bb7r.com/	1970-01-20 16:09:18	Name: __gpi Value: UID=00000b749ad95a23:T=1666062720:RT=1666062720:S=ALNI_MbCFcPAEkDiB_yKXuXThmUzXcRX1g
.doubleclick.net/	1970-01-20 16:09:18	Name: IDE Value: AHWqTUmaVmlRCFYtGOg0yiTLJcdlNZDdamMLtTLZBGwjV1TnWD2y5Bpc1q6qmjY4gJw
.bb7r.com/	1970-01-20 15:33:18	Name: FCNEC Value: %5B%5B%22AKsRol-smUjiGmfngWA01Kmwqqr-8FBq25qrUT6d_J3LYe8qihmyxpPd3VbOWxDhH7oYDZ39WoFcXOlIeEyE0KaRt5ztR4pKA2LHZv35n964FL_y1PDuwAIkInLFc6l5yfI0HwXcAP4Nz9ypJzMCocTmBSVN3XUeQw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
bid.g.doubleclick.net
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
ois.is
pagead2.googlesyndication.com
partner.googleadservices.com
qa.bb7r.com
r6---sn-25glen7e.c.2mdn.net
tpc.googlesyndication.com
www.dogapartswp.sw6.llocweb.info
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
108.177.15.154
137.74.39.136
2606:4700:3032::ac43:a3d5
2607:f8b0:4001:c02::78
2a00:1450:4001:803::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2003
2a00:1450:4007:4::c
2a06:98c1:3121::3
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
0b8fdfbdc998d7064a0257d32d2130dd5b364b4a6ad5d1e3eae3e4c195a9e63c
0cce9465535e558eedf600da4d50cbc7e5672aa20cab77e5f1cb240e9673a6d3
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
219fee1c0de61cd228a985a1189681f9f2e96bf773c1416ae718a4ff81ce9329
2655b65e531916827d0004aac51b75ef6fbc58d449cf38f5d5abbdae81c85cb8
28737ba41fcd0921937fc9152d353b400a8a49bf235a313523366feea7c2a727
2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5728dca378881f49496bbe26c964c6628bcd54d49dbb0560bc2a54c1a81b7b5e
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a999960ed5d7b4851dad9df6da38a25acbeadeef0d41fc42d63c291408aad8f
6ac9c91f5298581c60b64c871eee52ce3b8b039d708cb95cd92efa60d179f0a7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d050c99dea05159f9825f14ec2385eca6cdb49ae22fe0ab4b3e3e7f452ae973
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
7b355cb35fc524475c5ebdc2d038fdcaaf9d37188f354a9812ea9fbafd25bb11
7b4a988a5bd950c3f9e15809e4f6dc8aab2d044a4ab135a0f7209f91354e707c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8afaeffe865370fff3000bd9abb4ad1b8e35f6d30ded8b2b10be8c8fcb514f43
9321e9fa8672118c32e35c524e31ad075830d3d772985595a567d1c96ee8eb5e
93497e76902aeba51be58a4ed484a3b1e10e2cb51e029a82ef70eef5e2cbb48d
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
a139caebc5a7c4bf78945ba3f22a3ae9981e5e8d6f10a2f6235d07a438eb0c41
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a74e667a87bb7f6ea1d4dd0abc38a6be5e5f32e1f09f54a337df1e8d09e951cf
a7f158ad288a49b38315d1a4919ccc74903dcd98634e771f003dd00b5230bbb0
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
b248d607d050f55b811806754ff9b2a24e9a21e4d2891ab259fb02c164d2813d
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
b7477293567fa9e15b31ee3d868c3cf435977a61c077630db738920c98510590
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17
c3394b5c36ed2c5d2534578a23fdc1db0f08cb13e866350984c0b2feea1062f6
c375536bfaea07826a6ac826691571482b7c4fa9236eccdb50ad7fe21cff29bd
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
d3a8b2d8c533ead97cf77ea40cc1e200ae189faf2ae800a2bb51fe87fd69460c
d6efb3dcf54d3399515fb5ca3f2263fb102658a227e0c96ee2355e89e3b0e519
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

qa.bb7r.com Open in urlscan Pro 2606:4700:3032::ac43:a3d5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

98 %HTTPS

90 %IPv6

14 Domains

22 Subdomains

19 IPs

4 Countries

1110 kBTransfer

3275 kBSize

11 Cookies

2 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

qa.bb7r.com Open in urlscan Pro
2606:4700:3032::ac43:a3d5 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

98 %
HTTPS

90 %
IPv6

14
Domains

22
Subdomains

19
IPs

4
Countries

1110 kB
Transfer

3275 kB
Size

11
Cookies

96 HTTP transactions
5 data transactions