urlscan.io logo urlscan.io
SecurityTrails logo

marketplace.lobservateur.com Open in urlscan Pro
69.18.223.180  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://marketplace.lobservateur.com/
Effective URL: https://marketplace.lobservateur.com/AdHunter/Laplace
Submission: On November 14 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 1 countries across 9 domains to perform 38 HTTP transactions. The main IP is 69.18.223.180, located in Commack, United States and belongs to . The main domain is marketplace.lobservateur.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 11th 2024. Valid for: a year.
This is the only time marketplace.lobservateur.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

12    69.18.223.180 (Commack, United States)

ASN- ()
PTR: cl223-180.invision.com
marketplace.lobservateur.com
2    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
4    64.233.180.154 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f154.1e100.net
securepubads.g.doubleclick.net
2    2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2001:4860:4802:32::178 (United States)

ASN- ()
www.google-analytics.com
1    2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c08::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4004:c1f::9d (Washington, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    64.233.180.155 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f155.1e100.net
securepubads.g.doubleclick.net
3    2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)
2bc751c7b18ecad36d1bacffcd1d8baa.safeframe.googlesyndication.com
1    142.251.167.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f154.1e100.net
ep1.adtrafficquality.google
1    2600:9000:2073:f600:1f:2473:9080:93a1 (United States)

ASN- ()
cdn.undertone.com
2    2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    3.167.69.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-69-106.iad61.r.cloudfront.net
ads.undertone.com
1    172.253.115.103 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f103.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
12 lobservateur.com
marketplace.lobservateur.com
www.lobservateur.com Failed
359 KB
7 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 244
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
td.doubleclick.net — Cisco Umbrella Rank: 231
249 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 530
ep2.adtrafficquality.google — Cisco Umbrella Rank: 539
19 KB
3 googlesyndication.com
2bc751c7b18ecad36d1bacffcd1d8baa.safeframe.googlesyndication.com
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
22 KB
2 undertone.com
cdn.undertone.com — Cisco Umbrella Rank: 3963
ads.undertone.com — Cisco Umbrella Rank: 11247
9 KB
2 google.com
analytics.google.com — Cisco Umbrella Rank: 170
www.google.com — Cisco Umbrella Rank: 4
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
191 KB
2 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 6733
20 KB
38 9
Domain Requested by
12 marketplace.lobservateur.com marketplace.lobservateur.com
5 securepubads.g.doubleclick.net marketplace.lobservateur.com
securepubads.g.doubleclick.net
3 2bc751c7b18ecad36d1bacffcd1d8baa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 www.google-analytics.com marketplace.lobservateur.com
www.google-analytics.com
2 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
2 www.googletagmanager.com marketplace.lobservateur.com
www.google-analytics.com
2 vjs.zencdn.net marketplace.lobservateur.com
1 www.google.com ep2.adtrafficquality.google
1 ads.undertone.com cdn.undertone.com
1 cdn.undertone.com securepubads.g.doubleclick.net
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
0 www.lobservateur.com Failed marketplace.lobservateur.com
38 15

This site contains links to these domains. Also see Links.

Domain
www.lobservateur.com
Subject Issuer Validity Valid
marketplace.lobservateur.com
Go Daddy Secure Certificate Authority - G2		 2024-01-11 -
2025-01-30		 a year crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-06 -
2025-04-07		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WE2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
adtrafficquality.google
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.undertone.com
Amazon RSA 2048 M03		 2024-08-10 -
2025-09-08		 a year crt.sh

This page contains 9 frames:

Primary Page: https://marketplace.lobservateur.com/AdHunter/Laplace
Frame ID: 561F6BD6175C2502BDD60AB73056AA5D
Requests: 28 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-K22W82D3R9&gacid=792355165.1731554210&gtm=45je4bc0v9105165721za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102077855&z=808461274
Frame ID: 518E6EF4F74B6BE81666808FF5A2BDC5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 26EDFED62D2DB809F0EF177BDE18E844
Requests: 1 HTTP requests in this frame

Frame: https://2bc751c7b18ecad36d1bacffcd1d8baa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 61B8702ADE601D57A8E386FE089649CF
Requests: 1 HTTP requests in this frame

Frame: https://2bc751c7b18ecad36d1bacffcd1d8baa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9E89508F199DDD61E94B3069C6A9F5F8
Requests: 1 HTTP requests in this frame

Frame: https://2bc751c7b18ecad36d1bacffcd1d8baa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2C3692E06937E2067C80609A360120B8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/ajs.js
Frame ID: DE1A37FF0E0DC573A4B4CEC6501E56CF
Requests: 4 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 834E5F46D6D9FB8A172E10DF64099EA0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 39BB626CE10F5547E482E71944D4ED82
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Search for ads - Ad Hunter

Page URL History Show full URLs

  1. http://marketplace.lobservateur.com/ HTTP 307
    https://marketplace.lobservateur.com/ Page URL
  2. https://marketplace.lobservateur.com/AdHunter/Laplace Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • zencdn\.net/c/video\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

38
Requests

95 %
HTTPS

60 %
IPv6

9
Domains

15
Subdomains

16
IPs

1
Countries

868 kB
Transfer

1879 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://marketplace.lobservateur.com/ HTTP 307
    https://marketplace.lobservateur.com/ Page URL
  2. https://marketplace.lobservateur.com/AdHunter/Laplace Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://marketplace.lobservateur.com/ HTTP 307
  • https://marketplace.lobservateur.com/

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
marketplace.lobservateur.com/
Redirect Chain
  • http://marketplace.lobservateur.com/
  • https://marketplace.lobservateur.com/
179 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://marketplace.lobservateur.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.18.223.180 Commack, United States, ASN (),
Reverse DNS
cl223-180.invision.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Content-Length
179
Content-Type
text/html
Date
Thu, 14 Nov 2024 03:16:48 GMT
ETag
"7111eb31d8c6d91:0"
Last-Modified
Fri, 04 Aug 2023 13:33:03 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET

Redirect headers

Location
https://marketplace.lobservateur.com/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request Laplace
marketplace.lobservateur.com/AdHunter/ 		14 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://marketplace.lobservateur.com/AdHunter/Laplace
Requested by
Host: marketplace.lobservateur.com
URL: https://marketplace.lobservateur.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.18.223.180 Commack, United States, ASN (),
Reverse DNS
cl223-180.invision.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b348f3eda200baf124f2bf489e88081a42de00fef66766215b16a23ad7779160

Request headers

Referer
https://marketplace.lobservateur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
private
Content-Length
14472
Content-Type
text/html; charset=utf-8
Date
Thu, 14 Nov 2024 03:16:48 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
4.0
X-Powered-By
ASP.NET
bootstrap
marketplace.lobservateur.com/AdHunter/Content/ 		143 KB
143 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://marketplace.lobservateur.com/AdHunter/Content/bootstrap?v=tJ0VW9jNOokvG0D9xvshzf9J-pSNMHnzycbIcCpIfmo1
Requested by
Host: marketplace.lobservateur.com
URL: https://marketplace.lobservateur.com/AdHunter/Laplace
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.18.223.180 Commack, United States, ASN (),
Reverse DNS
cl223-180.invision.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a24ab1e87cb04628ad6b619682abc4027b6ff60d9579d05218130eff57ec7eec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/AdHunter/Laplace

Response headers

Cache-Control
public
X-AspNet-Version
4.0.30319
Expires
Fri, 14 Nov 2025 03:16:49 GMT
Content-Length
146041
Date
Thu, 14 Nov 2024 03:16:48 GMT
Content-Type
text/css; charset=utf-8
Last-Modified
Thu, 14 Nov 2024 03:16:49 GMT
Vary
User-Agent
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
brainworks
marketplace.lobservateur.com/AdHunter/Content/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://marketplace.lobservateur.com/AdHunter/Content/brainworks?v=StpjI3Q76giAAoRC0eMDf-MlQBxMgV6c3cvrzJ1P_NY1
Requested by
Host: marketplace.lobservateur.com
URL: https://marketplace.lobservateur.com/AdHunter/Laplace
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.18.223.180 Commack, United States, ASN (),
Reverse DNS
cl223-180.invision.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0cea69c6dd54b74a46f51004eb48b49876ac970092dfd522c870840c8dde949b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/AdHunter/Laplace

Response headers

Cache-Control
public
X-AspNet-Version
4.0.30319
Expires
Fri, 14 Nov 2025 03:16:49 GMT
Content-Length
4646
Date
Thu, 14 Nov 2024 03:16:48 GMT
Content-Type
text/css; charset=utf-8
Last-Modified
Thu, 14 Nov 2024 03:16:49 GMT
Vary
User-Agent
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
modernizr
marketplace.lobservateur.com/AdHunter/bundles/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://marketplace.lobservateur.com/AdHunter/bundles/modernizr?v=rGcoDow97GYrNMSwHq7xCCjlcB3UIY4_OhPRc6BBSQA1
Requested by
Host: marketplace.lobservateur.com
URL: https://marketplace.lobservateur.com/AdHunter/Laplace
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.18.223.180 Commack, United States, ASN (),
Reverse DNS
cl223-180.invision.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5e36d275e3ba58a075e5049d57e29b5d01f75528aa8143280089e27b5a536305

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/AdHunter/Laplace

Response headers

Cache-Control
public
X-AspNet-Version
4.0.30319
Expires
Fri, 14 Nov 2025 03:16:49 GMT
Content-Length
10875
Date
Thu, 14 Nov 2024 03:16:48 GMT
Content-Type
text/javascript; charset=utf-8
Last-Modified
Thu, 14 Nov 2024 03:16:49 GMT
Vary
User-Agent
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
video-js.css
vjs.zencdn.net/c/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/c/video-js.css
Requested by
Host: marketplace.lobservateur.com
URL: https://marketplace.lobservateur.com/AdHunter/Laplace
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d77554d7adaa974ab50b409f6c81bfd0ab1afe3babd4591b4f1f2c4ae226c03c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
content-encoding
gzip
etag
"a5acd78c020477bb231ab1b484dea3f8"
access-control-allow-origin
*
x-cache
HIT
content-length
2861
date
Thu, 14 Nov 2024 03:16:49 GMT
last-modified
Tue, 07 May 2013 04:04:26 GMT
content-type
text/css
x-served-by
cache-bur-kbur8200073-BUR
x-cache-hits
2
vary
Accept-Encoding
video.js
vjs.zencdn.net/c/ 		62 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/c/video.js
Requested by
Host: marketplace.lobservateur.com
URL: https://marketplace.lobservateur.com/AdHunter/Laplace
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2d49a779bd9e88769cc638bd3cbc84bc4d10d901efbadec3818bb5c5f3b88142

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
content-encoding
gzip
etag
"b1fb6d997e399b40382a233bbae479a9"
access-control-allow-origin
*
x-cache
HIT
content-length
16790
date
Thu, 14 Nov 2024 03:16:49 GMT
last-modified
Tue, 18 Jun 2013 08:46:52 GMT
content-type
application/javascript
x-served-by
cache-bur-kbur8200073-BUR
x-cache-hits
0
vary
Accept-Encoding
jquery
marketplace.lobservateur.com/AdHunter/bundles/ 		90 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://marketplace.lobservateur.com/AdHunter/bundles/jquery?v=CkVTG71m7lHB5jSCpyOSxbeCVJLIPag7u7NL4ykFenk1
Requested by
Host: marketplace.lobservateur.com
URL: https://marketplace.lobservateur.com/AdHunter/Laplace
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.18.223.180 Commack, United States, ASN (),
Reverse DNS
cl223-180.invision.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c7ac00fbaa6a387f5792ecc644f10cb3b8fcd00b358eec9cb90cbb22794687e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/AdHunter/Laplace

Response headers

Cache-Control
public
X-AspNet-Version
4.0.30319
Expires
Fri, 14 Nov 2025 03:16:49 GMT
Content-Length
92556
Date
Thu, 14 Nov 2024 03:16:48 GMT
Content-Type
text/javascript; charset=utf-8
Last-Modified
Thu, 14 Nov 2024 03:16:49 GMT
Vary
User-Agent
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
bootstrap
marketplace.lobservateur.com/AdHunter/bundles/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://marketplace.lobservateur.com/AdHunter/bundles/bootstrap?v=C8V_e6x3bw9y0H14W5_juFOkSnvTPaz9Mtz9cg1i1D41
Requested by
Host: marketplace.lobservateur.com
URL: https://marketplace.lobservateur.com/AdHunter/Laplace
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.18.223.180 Commack, United States, ASN (),
Reverse DNS
cl223-180.invision.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
68aaea43baba9970d59648385e49f25a348a96c29bfcfbaf7bc9e7f220e152e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/AdHunter/Laplace

Response headers

Cache-Control
public
X-AspNet-Version
4.0.30319
Expires
Fri, 14 Nov 2025 03:16:49 GMT
Content-Length
36559
Date
Thu, 14 Nov 2024 03:16:48 GMT
Content-Type
text/javascript; charset=utf-8
Last-Modified
Thu, 14 Nov 2024 03:16:49 GMT
Vary
User-Agent
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
adhunter
marketplace.lobservateur.com/AdHunter/bundles/ 		588 B
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://marketplace.lobservateur.com/AdHunter/bundles/adhunter?v=Sw5gzoOe2SsCh0QZi65hASrcTc7q0Rv6mHPCwBapRh01
Requested by
Host: marketplace.lobservateur.com
URL: https://marketplace.lobservateur.com/AdHunter/Laplace
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.18.223.180 Commack, United States, ASN (),
Reverse DNS
cl223-180.invision.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
eb4ac05d8923740a5d8956572b69dbf911035c9bbebc591fccc1394e4b6fafc9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/AdHunter/Laplace

Response headers

Cache-Control
public
X-AspNet-Version
4.0.30319
Expires
Fri, 14 Nov 2025 03:16:49 GMT
Content-Length
588
Date
Thu, 14 Nov 2024 03:16:48 GMT
Content-Type
text/javascript; charset=utf-8
Last-Modified
Thu, 14 Nov 2024 03:16:49 GMT
Vary
User-Agent
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		108 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: marketplace.lobservateur.com
URL: https://marketplace.lobservateur.com/AdHunter/Laplace
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f154.1e100.net
Software
cafe /
Resource Hash
bb1dcb482adb81cd69af4fab03ccd414a08b7d41243156c5407c74f96c3fc45f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/

Response headers

content-encoding
br
etag
780 / 20041 / 31088885 / config-hash: 16416536828967523255
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 03:16:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 14 Nov 2024 03:16:50 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33389
x-xss-protection
0
server
cafe
LaplaceAHlogo.jpg
marketplace.lobservateur.com/AdHunter/Images/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.lobservateur.com/AdHunter/Images/LaplaceAHlogo.jpg
Requested by
Host: marketplace.lobservateur.com
URL: https://marketplace.lobservateur.com/AdHunter/Laplace
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.18.223.180 Commack, United States, ASN (),
Reverse DNS
cl223-180.invision.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
404e79ea59a8e4ae76881e6aad18c9d1e882b9e52c318f5bc38a1d5ca4f52ebe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/AdHunter/Laplace

Response headers

ETag
"fb2dc45a3d61d21:0"
Accept-Ranges
bytes
Content-Length
41879
Date
Thu, 14 Nov 2024 03:16:48 GMT
Content-Type
image/jpeg
Last-Modified
Wed, 28 Dec 2016 19:05:29 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
GarageSaleMapButton.gif
marketplace.lobservateur.com/AdHunter/Images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.lobservateur.com/AdHunter/Images/GarageSaleMapButton.gif
Requested by
Host: marketplace.lobservateur.com
URL: https://marketplace.lobservateur.com/AdHunter/Laplace
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.18.223.180 Commack, United States, ASN (),
Reverse DNS
cl223-180.invision.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3915a9586014fa6faf8d03e592894bd0406794eab0d0120a42ac117dce40786

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/AdHunter/Laplace

Response headers

ETag
"ee62fde29e3ad21:0"
Accept-Ranges
bytes
Content-Length
14659
Date
Thu, 14 Nov 2024 03:16:48 GMT
Content-Type
image/gif
Last-Modified
Wed, 09 Nov 2016 15:35:23 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
js
www.googletagmanager.com/gtag/ 		267 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K22W82D3R9
Requested by
Host: marketplace.lobservateur.com
URL: https://marketplace.lobservateur.com/AdHunter/Laplace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ada63483fbfba7b30a1c4f306dbef9ed1a99c7c56941e1ef766ebecacee88c8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 14 Nov 2024 03:16:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 03:16:50 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96235
x-xss-protection
0
server
Google Tag Manager
__utm.gif
www.google-analytics.com/ 		35 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/__utm.gif?utmwv=5.4.2&utmac=UA-16505296-2&utmn=1&utmhn=marketplace.lobservateur.com&utmsr=1600x1200&utmul=en-US&utmr=https%3A%2F%2Fmarketplace.lobservateur.com%2FAdHunter%2FLaplace&utmp=marketplace.lobservateur.com%2FAdHunter%2FLaplace&utmcc=__utma%3D1.5862135995.1.1.1.1%3B&utme=8(vjsv)9(v3.2.0c)
Requested by
Host: marketplace.lobservateur.com
URL: https://marketplace.lobservateur.com/AdHunter/Laplace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/

Response headers

age
59214
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 10:49:56 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
AdHunter.css
www.lobservateur.com/wp-content/themes/2014-bni/media/css/ 		0
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: marketplace.lobservateur.com
URL: https://marketplace.lobservateur.com/AdHunter/Laplace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/

Response headers

content-encoding
gzip
age
6366
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 03:30:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 01:30:44 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
LoadMinorClasses
marketplace.lobservateur.com/AdHunter/Laplace/Partials/ 		65 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://marketplace.lobservateur.com/AdHunter/Laplace/Partials/LoadMinorClasses?classNum=-1
Requested by
Host: marketplace.lobservateur.com
URL: https://marketplace.lobservateur.com/AdHunter/bundles/jquery?v=CkVTG71m7lHB5jSCpyOSxbeCVJLIPag7u7NL4ykFenk1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.18.223.180 Commack, United States, ASN (),
Reverse DNS
cl223-180.invision.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8b57830585fe9fee245fdb4b55dc3e9597e93d27679e00cd287c27c48ffd3976

Request headers

Referer
https://marketplace.lobservateur.com/AdHunter/Laplace
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/json; charset=utf-8

Response headers

Cache-Control
private
X-AspNet-Version
4.0.30319
Content-Length
65
Date
Thu, 14 Nov 2024 03:16:50 GMT
Content-Type
application/json; charset=utf-8
X-Powered-By
ASP.NET
X-AspNetMvc-Version
4.0
Server
Microsoft-IIS/8.5
collect
www.google-analytics.com/j/ 		15 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=679273738&t=pageview&_s=1&dl=https%3A%2F%2Fmarketplace.lobservateur.com%2FAdHunter%2FLaplace&ul=en-us&de=UTF-8&dt=Search%20for%20ads%20-%20Ad%20Hunter&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=251466842&gjid=574736393&cid=792355165.1731554210&tid=UA-62161401-1&_gid=61471452.1731554210&_r=1&_slc=1&z=738151806
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
b4401f3669d3174d0cca60224b36a2826d3c80dea4d2312f389e59716e1a72ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://marketplace.lobservateur.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 03:16:50 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://marketplace.lobservateur.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
js
www.googletagmanager.com/gtag/ 		271 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K22W82D3R9&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5681cbc28c341d902059b7e2c9273f6e4484f3f542671cf378d8ec1cb5fbeeac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 14 Nov 2024 03:16:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 03:16:50 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98134
x-xss-protection
0
server
Google Tag Manager
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110102/ 		489 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110102/pubads_impl.js?cb=31088885
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f154.1e100.net
Software
cafe /
Resource Hash
f57fc8287a3cd71b1434c298f33cc8d1b4c5cf7bc5b396f19ef636b12c7db35c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/

Response headers

content-encoding
br
etag
13412890727867976863
age
56233
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 11:39:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 13 Nov 2024 11:39:37 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
155146
x-xss-protection
0
server
cafe
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-K22W82D3R9&gtm=45je4bc0v9105165721za200&_p=1731554210245&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102077855&cid=792355165.1731554210&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1731554210&sct=1&seg=0&dl=https%3A%2F%2Fmarketplace.lobservateur.com%2FAdHunter%2FLaplace&dr=https%3A%2F%2Fmarketplace.lobservateur.com%2F&dt=Search%20for%20ads%20-%20Ad%20Hunter&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1939
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K22W82D3R9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://marketplace.lobservateur.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 03:16:51 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
563 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K22W82D3R9&cid=792355165.1731554210&gtm=45je4bc0v9105165721za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102077855
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K22W82D3R9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://marketplace.lobservateur.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 03:16:51 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 518E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-K22W82D3R9&gacid=792355165.1731554210&gtm=45je4bc0v9105165721za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102077855&z=808461274
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K22W82D3R9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marketplace.lobservateur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Nov 2024 03:16:51 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 26ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110102/pubads_impl.js?cb=31088885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f155.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marketplace.lobservateur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
195
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Nov 2024 03:13:36 GMT
expires
Thu, 14 Nov 2024 04:03:36 GMT
last-modified
Mon, 11 Nov 2024 20:42:41 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		196 KB
65 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2644359570971711&correlator=902755111499666&eid=31088885%2C31086810&output=ldjh&gdfp_req=1&vrg=202411110102&ptt=17&impl=fifs&iu_parts=1613683%2CLNL-300x250-1%2CLNL-300x250-2%2CLNL-300x250-3%2CLNL-300x250-4%2CLNL-970x90-1%2CLNL-1x1-1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=300x250%2C300x250%2C300x250%2C300x250%2C970x90%7C970x250%2C1x1&ifi=1&didk=2963404608~2963404615~2963404614~2963404613~3590549719~3869734075&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1731554211187&lmt=1731554211&adxs=260%2C260%2C-9%2C-9%2C316%2C0&adys=484%2C719%2C-9%2C-9%2C11%2C769&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1%7C-1%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmarketplace.lobservateur.com%2FAdHunter%2FLaplace&ref=https%3A%2F%2Fmarketplace.lobservateur.com%2F&vis=1&psz=300x0%7C300x0%7C0x-1%7C0x-1%7C970x2%7C1600x839&msz=300x0%7C300x0%7C0x-1%7C0x-1%7C968x0%7C1600x0&fws=0%2C0%2C2%2C2%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&td=1&egid=1985&tan=ae2d16a6-e94f-4118-9cc3-6567511d4db5%2Cae2d16a6-e94f-4118-9cc3-6567511d4db6%2Cae2d16a6-e94f-4118-9cc3-6567511d4db7%2Cae2d16a6-e94f-4118-9cc3-6567511d4db8%2Cae2d16a6-e94f-4118-9cc3-6567511d4db9%2Cae2d16a6-e94f-4118-9cc3-6567511d4dba&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1731554209297&idt=1834&cust_params=catname%3Dclassifieds&adks=2545532389%2C3183717485%2C203967177%2C1734851325%2C3346912494%2C1520291300&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110102/pubads_impl.js?cb=31088885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f154.1e100.net
Software
cafe /
Resource Hash
22ce6871192db7b7f44899942ad18404d7977f7abc00323dfdcfa056300f14e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/

Response headers

content-encoding
br
google-lineitem-id
-1,-1,-2,-2,-2,6099630622
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2,-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 14 Nov 2024 03:16:51 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1,-1,-2,-2,-2,138403420906
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://marketplace.lobservateur.com
content-length
66184
x-xss-protection
0
server
cafe
container.html
2bc751c7b18ecad36d1bacffcd1d8baa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 61B8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://2bc751c7b18ecad36d1bacffcd1d8baa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110102/pubads_impl.js?cb=31088885
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marketplace.lobservateur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Nov 2024 03:16:51 GMT
expires
Thu, 14 Nov 2024 03:16:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411110102&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110102/pubads_impl.js?cb=31088885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
26909f405339b321c175f79fdc56f38a6f368d56ff4d4b04c3693712a54d4b2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12842
date
Thu, 14 Nov 2024 03:16:51 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
marketplace.lobservateur.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://marketplace.lobservateur.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.18.223.180 Commack, United States, ASN (),
Reverse DNS
cl223-180.invision.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/AdHunter/Laplace

Response headers

Content-Length
1245
Date
Thu, 14 Nov 2024 03:16:51 GMT
Content-Type
text/html
X-Powered-By
ASP.NET
Server
Microsoft-IIS/8.5
container.html
2bc751c7b18ecad36d1bacffcd1d8baa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9E89 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://2bc751c7b18ecad36d1bacffcd1d8baa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110102/pubads_impl.js?cb=31088885
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marketplace.lobservateur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Nov 2024 03:16:51 GMT
expires
Thu, 14 Nov 2024 03:16:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2bc751c7b18ecad36d1bacffcd1d8baa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2C36 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://2bc751c7b18ecad36d1bacffcd1d8baa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110102/pubads_impl.js?cb=31088885
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marketplace.lobservateur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Nov 2024 03:16:51 GMT
expires
Thu, 14 Nov 2024 03:16:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ajs.js
cdn.undertone.com/js/ Frame DE1A 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/ajs.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110102/pubads_impl.js?cb=31088885
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:f600:1f:2473:9080:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21d6d1883082f16a2ae9cb3310ae8c5dcd0842772626268cf71e0fc23f8ee2fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/

Response headers

vary
accept-encoding
x-amz-replication-status
COMPLETED
content-encoding
gzip
x-amz-version-id
M9tcXpnO6HWxlZMI.KbptO8xKSFq0exz
etag
W/"bf923ad2dc003a8e61e5579c87515273"
age
74577
via
1.1 d439433d975e4e608c1677c8e16e7fe2.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
BLGLV4cl_FFlaNhTl1DJ2R11JBKa83-aowtj-o9an4QUmAGlvaQufA==
date
Wed, 13 Nov 2024 06:33:56 GMT
content-type
text/javascript
last-modified
Mon, 21 Oct 2024 15:26:25 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
x-amz-server-side-encryption
AES256
view
securepubads.g.doubleclick.net/pcs/ Frame DE1A 		0
29 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQBEEkfoBKdTr8D55ebmTohAQ_8eBP25CopESVuHFy7fZfefz_ubwM8jXMU4CjMUJ1NaSdM0rLCgXGEAktocKYUMVuSo6GOV0_gskelcwQA2kHz35DPRFiSmYuEIqmrAZVREHEeAZboecy6w4uxbxu2DqtVZIcuc94LD74F5rCg2nfpA7oD-GuU9XkmmfECZiyfegG2b8yKFH2k8IAbMMPlGiccZFyp6BvNj2PNKoDN_EcomCAEibOwf0HNDY8p9oT5_j3n36g5pNO1jEGKuTCZPyJ9hyK2kMhzS3lI4XVQ3fRC14iyeuSiIqAwS-LBOtD0a4RMtvCHfA6145_fp9_7BxOIj5KZ6WYwyufnEFEbfkAvQcpBBrPV-kzhPlO2DY6awhtrBXbCDsyF3snrVacIwJdSp9ZChfyQjP-W_duJ1sx&sai=AMfl-YRlkc65rE42UWvAZrAB6xMJ93zOYApu785ZbQ8EzwL-Ms5eYFfQuNVDik_MjWeB_iZ-guV-8sM8nxeC0f0PMTMtl-kdir_SNNCmj1dKfWkuj3mEZPamBmqN9fjW93JgP5kZUjHmKxf6igGmgpn_&sig=Cg0ArKJSzPGw_z6y9qCsEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110102/pubads_impl.js?cb=31088885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 03:16:51 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 14 Nov 2024 03:16:51 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110102/pubads_impl.js?cb=31088885
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 03:16:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 03:16:52 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
dj
ads.undertone.com/ Frame DE1A 		0
548 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.undertone.com/dj?&pid=2813&domain=lobservateur.com&placementid=2813056&fb=1&cb=185260301&t=1731518212.211&fv=0&x=1&y=1268&sw=1600&sh=1200&cw=1600&ch=1200&loc=https%3A%2F%2Fmarketplace.lobservateur.com%2FAdHunter%2FLaplace&fr=1&env=201
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/ajs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.69.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-69-106.iad61.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://marketplace.lobservateur.com/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 0f62e17ec3952402c8100312889f271c.cloudfront.net (CloudFront)
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://marketplace.lobservateur.com
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
x-amz-cf-id
Fs4e4RBLlAYuibm0iIe5QM9y3Hnz3UOPjL3GzHSghlPZiU_cBANyIA==
date
Thu, 14 Nov 2024 03:16:52 GMT
x-amz-cf-pop
IAD61-P6
truncated
/ Frame DE1A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91c3fb55b06759eb3672814921b6867c0e8bf92cf88ee02561dbf61e49101780

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 834E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marketplace.lobservateur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
921
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Nov 2024 03:01:31 GMT
expires
Thu, 14 Nov 2024 03:51:31 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 39BB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f103.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GbiFQ7GOpk-eD0cdeMTkyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marketplace.lobservateur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-GbiFQ7GOpk-eD0cdeMTkyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Nov 2024 03:16:52 GMT
expires
Thu, 14 Nov 2024 03:16:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.lobservateur.com
URL
http://www.lobservateur.com/wp-content/themes/2014-bni/media/css/AdHunter.css
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202411110102&jk=2644359570971711&bg=!o6CloO_NAAY7_TBtG_07ADQBe5WfOIyWAxcGm7d3dAtT2CvThLndkVFzT-HANQOuN5V_7969Bl5yUvOcR83QXhRRTdqOAgAAAGFSAAAAA2gBB34ANibOLG3GtYyU1RQ_4qKYs6AIbI2cSZJiMwMWYhqvlPRK9H18cjKI4YH_vgN_jdKF6zXYOIndDJkCres48_Xq8ZCROACqdnoi633xZKR0Svxu1p4dhvnLeHijbhY2rChdAPDPC-VBUf7wOYrcQOMqOMNDFEaja2pzSdI3pS2wCgvIwHxuwkBWRXSREJlWv8hNJOusT4D51_nj6t_j9Mb70XGvyRsPKEFIyyOnmZBVQcu4Q7gI5ws6yTlMdaZTswNyAG67tUzRxMtCetqdb0iBYc0dygwLtCf7ULh7j_luA3bHiC-1YWXEcTaiOFdwJusHn8rtDgdNWzz7PklUMDcBk_9OgeSIscuyVCQyGM-CCcdbve325foindTCQrO0NtT25zlLrIaBAtwt-_jGx38KWCRVHs3vBkzhxLQXTrXhXKNtdSxCvXeqWu3loWPd-KOOZ78cugVpj-WQwSqVXTE7s4VlSV-oIXTXh_DIuKjSD-4wMxwZLEBNjxwuVtgqPCEf5DCsYDLughHqs9s11eMRRXrn8Uak3hxjlWb3dl9QYh1QvYKwB2EpzHA4hk6D7JPQ6_gcnL1h5P1YBeXdixZvVOR5j7Nc3KZ2k20WyvelR-IR92KqfsdZHwGF8JuqUk8EmLWda-ZzNK45oF36L-3N8t4-_nrQcv3qgNUJDMNYztpKrpgO54pRAWNmmh-00DoJ6MrdqzZrtsYtcyrd7fxZBm-gtxQJEbA42SChHzB1WlUYvGutRJvGWtH5whbtc0E5X_itu5yMZuans0abYmQhTn04WR7kus7jybZabJ5FB2inzpZr4vUMN87zG8SjYtv_W1L5bEGV4tEi1370UabdO-pC41YwgRT7l96NWn0iU78HS5lxSI68gVkiY1ZvjA9z026w7CgMfdtMvzzQdi_o58JAe2wkd27e7vFvau0SukpS2aEm4lcOh8izOmhxS1J423qHm2ABwJjpEdfx9--Ae9h8dCyQZEQ

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| html5 object| Modernizr function| createSetter function| createGetter number| vdata1731554209867 function| _V_ function| VideoJS function| $ function| jQuery object| jQuery19105446654358282748 object| googletag function| loadMinorClasses function| switchPublication string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| google_tag_manager object| google_reactive_ads_global_state object| google_tag_topics_state number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

12 Cookies

Domain/Path Name / Value
marketplace.lobservateur.com/ Name: ASP.NET_SessionId
Value: mksc2ufto230mbtlnylnfxb1
marketplace.lobservateur.com/ Name: TopAdsOffset
Value: 1
.lobservateur.com/ Name: _gid
Value: GA1.2.61471452.1731554210
.lobservateur.com/ Name: _gat
Value: 1
.lobservateur.com/ Name: _ga_K22W82D3R9
Value: GS1.1.1731554210.1.0.1731554210.60.0.0
.lobservateur.com/ Name: _ga
Value: GA1.1.792355165.1731554210
.lobservateur.com/ Name: __gads
Value: ID=0372b87ba655e6a3:T=1731554211:RT=1731554211:S=ALNI_MZWuVLF_rqE_8LxxLzZDlOHt8Id8A
.lobservateur.com/ Name: __gpi
Value: UID=00000f94b02da564:T=1731554211:RT=1731554211:S=ALNI_MaNgav-nWu3HeKDOH4ptgzT7otCJg
.lobservateur.com/ Name: __eoi
Value: ID=6e1745c5807bfe55:T=1731554211:RT=1731554211:S=AA-AfjZEuq6p73xHPa1bX5LgexzE
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmX5if2QR7FNT0OKOszCYraGS-o_l43MgMGU3Q1Vuti7JDqBMc-e4RbIFDmDT8

3 Console Messages

Source Level URL
Text
rendering warning URL: https://marketplace.lobservateur.com/AdHunter/Laplace(Line 12)
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0601D00041E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
security error URL: https://marketplace.lobservateur.com/AdHunter/Laplace(Line 30)
Message:
Mixed Content: The page at 'https://marketplace.lobservateur.com/AdHunter/Laplace' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.lobservateur.com/wp-content/themes/2014-bni/media/css/AdHunter.css'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://marketplace.lobservateur.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2bc751c7b18ecad36d1bacffcd1d8baa.safeframe.googlesyndication.com
ads.undertone.com
analytics.google.com
cdn.undertone.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
marketplace.lobservateur.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
td.doubleclick.net
vjs.zencdn.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.lobservateur.com
ep1.adtrafficquality.google
www.lobservateur.com
142.251.167.154
172.253.115.103
2001:4860:4802:32::178
2001:4860:4802:38::181
2600:9000:2073:f600:1f:2473:9080:93a1
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::9c
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1b::84
2607:f8b0:4004:c1f::9d
2a04:4e42:400::729
3.167.69.106
64.233.180.154
64.233.180.155
69.18.223.180
0cea69c6dd54b74a46f51004eb48b49876ac970092dfd522c870840c8dde949b
21d6d1883082f16a2ae9cb3310ae8c5dcd0842772626268cf71e0fc23f8ee2fd
22ce6871192db7b7f44899942ad18404d7977f7abc00323dfdcfa056300f14e0
26909f405339b321c175f79fdc56f38a6f368d56ff4d4b04c3693712a54d4b2b
2d49a779bd9e88769cc638bd3cbc84bc4d10d901efbadec3818bb5c5f3b88142
404e79ea59a8e4ae76881e6aad18c9d1e882b9e52c318f5bc38a1d5ca4f52ebe
5681cbc28c341d902059b7e2c9273f6e4484f3f542671cf378d8ec1cb5fbeeac
5e36d275e3ba58a075e5049d57e29b5d01f75528aa8143280089e27b5a536305
68aaea43baba9970d59648385e49f25a348a96c29bfcfbaf7bc9e7f220e152e2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b57830585fe9fee245fdb4b55dc3e9597e93d27679e00cd287c27c48ffd3976
91c3fb55b06759eb3672814921b6867c0e8bf92cf88ee02561dbf61e49101780
a24ab1e87cb04628ad6b619682abc4027b6ff60d9579d05218130eff57ec7eec
ada63483fbfba7b30a1c4f306dbef9ed1a99c7c56941e1ef766ebecacee88c8b
b348f3eda200baf124f2bf489e88081a42de00fef66766215b16a23ad7779160
b4401f3669d3174d0cca60224b36a2826d3c80dea4d2312f389e59716e1a72ca
bb1dcb482adb81cd69af4fab03ccd414a08b7d41243156c5407c74f96c3fc45f
c7ac00fbaa6a387f5792ecc644f10cb3b8fcd00b358eec9cb90cbb22794687e9
d77554d7adaa974ab50b409f6c81bfd0ab1afe3babd4591b4f1f2c4ae226c03c
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3915a9586014fa6faf8d03e592894bd0406794eab0d0120a42ac117dce40786
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb4ac05d8923740a5d8956572b69dbf911035c9bbebc591fccc1394e4b6fafc9
f57fc8287a3cd71b1434c298f33cc8d1b4c5cf7bc5b396f19ef636b12c7db35c
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99