www.credit-de-france.com Open in urlscan Pro
151.80.201.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.credit-de-france.com/
Effective URL:
http://www.credit-de-france.com/
Submission: On February 27 via automatic, source certstream-suspicious (February 27th 2023, 8:35:20 am UTC) — Scanned from DE

Summary HTTP 133 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 17 domains to perform 133 HTTP transactions. The main IP is 151.80.201.34, located in Roubaix, France and belongs to OVH, FR. The main domain is www.credit-de-france.com.

This is the only time www.credit-de-france.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	151.80.201.34 151.80.201.34	16276 (OVH) (OVH)
16	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
1 45	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
4 6	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.180.227 142.250.180.227	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
7	142.250.180.226 142.250.180.226	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:4f1d:e35c:100b:dcbe	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	209.191.163.208 209.191.163.208	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
133	17

5 151.80.201.34 (Roubaix, France) 1 redirects

ASN16276 (OVH, FR)

www.credit-de-france.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e10 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixabay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:807::2004 (Ireland) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.180.227 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f3.1e100.net

p4-fcnk457d72b2e-og5umwm3xqcddufb-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p4-gpilt4cjpsexo-6buvmusq4hxps3zv-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:4f1d:e35c:100b:dcbe (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.191.163.208 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (Castricum, Netherlands) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	827 KB
31	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 static.doubleclick.net — Cisco Umbrella Rank: 262 cm.g.doubleclick.net — Cisco Umbrella Rank: 202	235 KB
15	gstatic.com www.gstatic.com p4-fcnk457d72b2e-og5umwm3xqcddufb-if-v6exp3-v4.metric.gstatic.com p4-gpilt4cjpsexo-6buvmusq4hxps3zv-if-v6exp3-v4.metric.gstatic.com fonts.gstatic.com	149 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	386 KB
8	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	5 KB
5	credit-de-france.com 1 redirects www.credit-de-france.com	378 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439 ups.analytics.yahoo.com — Cisco Umbrella Rank: 265	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 510	2 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 589	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8947	696 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 957	576 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 313	464 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 591	544 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2856	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	608 B
1	pixabay.com cdn.pixabay.com — Cisco Umbrella Rank: 31059	19 KB
133	17

	Domain	Requested by
45	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
23	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.credit-de-france.com
16	pagead2.googlesyndication.com	www.credit-de-france.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	www.googletagservices.com	googleads.g.doubleclick.net
7	cm.g.doubleclick.net	www.credit-de-france.com googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
6	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.credit-de-france.com	1 redirects www.credit-de-france.com
4	fonts.gstatic.com	fonts.googleapis.com
2	ups.analytics.yahoo.com	2 redirects
2	sync.1rx.io	2 redirects
2	ap.lijit.com	2 redirects
2	p4-gpilt4cjpsexo-6buvmusq4hxps3zv-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-gpilt4cjpsexo-6buvmusq4hxps3zv-if-v6exp3-v4.metric.gstatic.com
2	p4-fcnk457d72b2e-og5umwm3xqcddufb-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-fcnk457d72b2e-og5umwm3xqcddufb-if-v6exp3-v4.metric.gstatic.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	static.doubleclick.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.pixabay.com	www.credit-de-france.com
133	25

This site contains links to these domains. Also see Links.

Domain
www.banque-mondiale.com
jcfacademy.com
info-scpi.info
fongecif-bourgogne.fr
www.lefigaro.fr
www.pour-les-personnes-agees.gouv.fr
www.dotclear.net

Subject Issuer	Validity	Valid
pixabay.com Cloudflare Inc ECC CA-3	`2022-04-11` - `2023-04-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh

This page contains 27 frames:

Primary Page: http://www.credit-de-france.com/
Frame ID: 54ED7766E0985A7FEF3CF13AD4021AA4
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
Frame ID: 01914509B5B15D897E32242609605A4C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&adk=1242408264&adf=3594574215&lmt=1677486913&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=http%3A%2F%2Fwww.credit-de-france.com%2F&ea=0&pra=5&wgl=1&dt=1677486913559&bpp=4&bdt=214&idt=293&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2822973996974&frm=20&pv=2&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=312
Frame ID: 2BEEC5E938B0FD67EF779F0946D0E188
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=280&slotname=4093122104&adk=1962238016&adf=1096795020&pi=t.ma~as.4093122104&w=900&fwrn=4&fwrnh=100&lmt=1677486913&rafmt=1&format=900x280&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1677486913563&bpp=1&bdt=219&idt=315&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=500&ady=698&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GKUakNYyrf&p=http%3A//www.credit-de-france.com&dtd=319
Frame ID: 5AD973FA5A66B478A93414D4B3120F68
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=280&slotname=2722702907&adk=2793921815&adf=1066727035&pi=t.ma~as.2722702907&w=900&fwrn=4&fwrnh=100&lmt=1677486913&rafmt=1&format=900x280&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1677486913564&bpp=1&bdt=220&idt=322&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=1&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=500&ady=4701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XdaKji51qu&p=http%3A//www.credit-de-france.com&dtd=326
Frame ID: F0474D7D4248BD92F11990831DAD999D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=600&slotname=7292503309&adk=658439030&adf=1296294859&pi=t.ma~as.7292503309&w=300&fwrn=4&fwrnh=100&lmt=1677486913&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1677486913565&bpp=1&bdt=221&idt=331&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=1&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1815&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxINEYUHGG&p=http%3A//www.credit-de-france.com&dtd=336
Frame ID: 2C563516F5D67ABBF992565D0683F4BD
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CF4C669B765C5693236344141F42ECDD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=200&adk=1854026767&adf=3648342848&pi=t.aa~a.2966782411~i.6~rp.4&w=591&fwrn=4&fwrnh=100&lmt=1677486914&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3527756319&ad_type=text_image&format=591x200&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&pra=3&rh=148&rw=591&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1677486914643&bpp=1&bdt=1299&idt=1&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d619d5fce5879a0-2223cb0630dd0073%3AT%3D1677486913%3ART%3D1677486913%3AS%3DALNI_Man2cYlnR5b2Ks5JOlJdL2PqtrrIA&gpic=UID%3D00000bbce6c61531%3AT%3D1677486913%3ART%3D1677486913%3AS%3DALNI_MZkN8RAhmg7hrXc6fDtfLYr3Wo3Jw&prev_fmts=0x0%2C900x280%2C900x280%2C300x600&nras=2&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=799&ady=3100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&psts=AD37Y7vDEBr_kerFXR0ztzufHZkXKOcwKwqIVuNb-fxiPa3nAemJj_22DK9S3MR_Q2tM13zOqdWdc8ahC-YhAYI&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tHptDqhjKQ&p=http%3A//www.credit-de-france.com&dtd=5
Frame ID: 5668F5451D68D4AF1F43FBAD102C4C34
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
Frame ID: 9B2D6F3EEF9CA3CE918584E24286529C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: 48CB7F16CA7CE334B69CC8BCF98E6FEA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: 82C0FE897996619B1F05A0E9D782789D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1956D8D0D2B39FE6A73A0F99331365DA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: D223E55E1A6A8E8F254F60DCCD089B61
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 31BF9DFFDAAFE1EB0DE9F669C812DE39
Requests: 2 HTTP requests in this frame

Frame: https://p4-fcnk457d72b2e-og5umwm3xqcddufb-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 894F7491848A24093A7873E4B4C01CD8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BCD76B73D3C68E083415E3387D4DDA92
Requests: 2 HTTP requests in this frame

Frame: https://p4-gpilt4cjpsexo-6buvmusq4hxps3zv-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: EC89680C8A9CA76CD3E04BD888EA5BEC
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 0F5972AEEC27DE32B9D9FC585A691F9E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1F779D06A72D7A63F7C54D95DAC455CB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
Frame ID: 2837F6B09AD671C9181C5BE86D3FDEAF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
Frame ID: EE82039F3799A69F9B11BD23778A14DD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7EB26722135CC2B549227A65F74F1B95
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
Frame ID: 22A8EEE92FC61F4E64BDB99BF20C2728
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
Frame ID: 937E4FB188F36A08C9F0F2EDC1779E21
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
Frame ID: 5138EBF78F5B85821423297DEA2E1007
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DD2376EA97AC6F5B6492EFFFAB1AA96C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 47402B2597E38A813879B2137F7C27C7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Crédit, Crédit à Taux 0, Crédit Immobilier, Prêt à la consommation

Page URL History Show full URLs

https://www.credit-de-france.com/ HTTP 301
http://www.credit-de-france.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

133
Requests

91 %
HTTPS

64 %
IPv6

17
Domains

25
Subdomains

17
IPs

6
Countries

2002 kB
Transfer

4575 kB
Size

12
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.banque-mondiale.com/sitemap.xml
Title: actufinance simulateur

Search URL Search Domain Scan URL

URL: https://jcfacademy.com/
Title: revenus immobilier

Search URL Search Domain Scan URL

URL: https://info-scpi.info/
Title: Investir dans la pierre papier

Search URL Search Domain Scan URL

URL: https://fongecif-bourgogne.fr/
Title: investir dans l'immobilier

Search URL Search Domain Scan URL

URL: https://www.lefigaro.fr/services/placements-en-periode-de-crise-la-scpi-maintient-le-cap-20201244
Title: Les experts ont craint des défauts de versement des loyers

Search URL Search Domain Scan URL

URL: https://www.pour-les-personnes-agees.gouv.fr/changer-de-logement/vivre-dans-une-residence-avec-services-pour-seniors/les-residences-services-pour-qui
Title: résidences seniors médicalisées

Search URL Search Domain Scan URL

URL: http://www.dotclear.net/
Title: Dotclear © 2003-2023

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.credit-de-france.com/ HTTP 301
http://www.credit-de-france.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 76

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODAxIivxQEQ2AQY2AQyCEI4uKqUTIEL HTTP 301
https://tpc.googlesyndication.com/simgad/4553853186076129233

Request Chain 84

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 85

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 119

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBaLdDrn8KFHE7YDVF_TGYU&google_cver=1&google_push=Aa02lx8q_VrnR1CLtGN2pYrkAxmYkBvuzVMv3ApWxCc-i9UyCzhxs-_-ZnpJAACraTxLlnOxFaPSVtkS_rikkJux_ipSXsvr4g4Y1YM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBaLdDrn8KFHE7YDVF_TGYU&google_push=Aa02lx8q_VrnR1CLtGN2pYrkAxmYkBvuzVMv3ApWxCc-i9UyCzhxs-_-ZnpJAACraTxLlnOxFaPSVtkS_rikkJux_ipSXsvr4g4Y1YM

Request Chain 120

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEO5F_tTtdy8U8noSqsfsLvI&google_cver=1&google_push=Aa02lx-7Xy5TtFKVGTYVj3ll0-zIFQP_KgEKadCHpCV0RCHY1J-QPYbj1p3cH4JuMEjvpDiOK3I7E71sI9lJjazJv6a1kBWHyoS3isI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-7Xy5TtFKVGTYVj3ll0-zIFQP_KgEKadCHpCV0RCHY1J-QPYbj1p3cH4JuMEjvpDiOK3I7E71sI9lJjazJv6a1kBWHyoS3isI&google_hm=eS1lNnZESHpaRTJwRmlROUxVMzVsa1d5czJfWmtRNENGb35B

Request Chain 121

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDUfexdGAxb0u7RGxIswSQY&google_cver=1&google_push=Aa02lx-mL1uEbD6VtXeop9tHIVI4CSyDKpPn16e8Bw-ahk8yMgnGE_8d6rGRaNInrzS7kauNE7VfECQO7_AUqL92F0xS2UD0p5RqV3k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVNS0VCWE4tMU4tNzhWQQ==&google_push=Aa02lx-mL1uEbD6VtXeop9tHIVI4CSyDKpPn16e8Bw-ahk8yMgnGE_8d6rGRaNInrzS7kauNE7VfECQO7_AUqL92F0xS2UD0p5RqV3k

Request Chain 122

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKFdKOdztQO2SyuX8gtYewg&google_cver=1&google_push=Aa02lx9Y89I3TD2shYgz15o41pppt3IT7bfvxOzrgJYDLafDclZ8mAfBW9_KVxoRGVdzYHBNTZXF4K31NSM7bostVfCJMPzR2nqpthc HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKFdKOdztQO2SyuX8gtYewg&google_cver=1&google_push=Aa02lx9Y89I3TD2shYgz15o41pppt3IT7bfvxOzrgJYDLafDclZ8mAfBW9_KVxoRGVdzYHBNTZXF4K31NSM7bostVfCJMPzR2nqpthc&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9Y89I3TD2shYgz15o41pppt3IT7bfvxOzrgJYDLafDclZ8mAfBW9_KVxoRGVdzYHBNTZXF4K31NSM7bostVfCJMPzR2nqpthc&google_hm=GOcjCGZHZzXnL7vkTcm1AGFT

Request Chain 123

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEGQYayXFD7XpQN2s9L5eddk&google_cver=1&google_push=Aa02lx8PGw2VESs9ZYlSoC2klqL1thP3hbvuL32ySbaSgjTDW-xZDewP276W6wnjN0vvfMEEdRK4VFBJAdThj33rDz2CFeZ9e4VwcA HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8PGw2VESs9ZYlSoC2klqL1thP3hbvuL32ySbaSgjTDW-xZDewP276W6wnjN0vvfMEEdRK4VFBJAdThj33rDz2CFeZ9e4VwcA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1677486915551 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b8b3c9ea-eaae-4bcf-abda-3cc0c28dacec-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8PGw2VESs9ZYlSoC2klqL1thP3hbvuL32ySbaSgjTDW-xZDewP276W6wnjN0vvfMEEdRK4VFBJAdThj33rDz2CFeZ9e4VwcA%26google_hm%3DA7izyerqrkvPq9o8wMKNrOw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8PGw2VESs9ZYlSoC2klqL1thP3hbvuL32ySbaSgjTDW-xZDewP276W6wnjN0vvfMEEdRK4VFBJAdThj33rDz2CFeZ9e4VwcA&google_hm=A7izyerqrkvPq9o8wMKNrOw

Request Chain 124

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPwea63_Mztikf-mY7vYUDw&google_cver=1&google_push=Aa02lx9zvaWargkVrxSKSULkq1_6lKocARVjVtQLYnYhjaePiWthnsr7Ge6HBxe_vncghlgTkOeOHu714P_XSYF3FcVgCPIuTNzhVTI HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPwea63_Mztikf-mY7vYUDw&google_cver=1&google_push=Aa02lx9zvaWargkVrxSKSULkq1_6lKocARVjVtQLYnYhjaePiWthnsr7Ge6HBxe_vncghlgTkOeOHu714P_XSYF3FcVgCPIuTNzhVTI&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1YODVSQW1GRTJ1RlY0RGguR3NEVGY5ZXM0VV9zcC5XTn5B&google_push=Aa02lx9zvaWargkVrxSKSULkq1_6lKocARVjVtQLYnYhjaePiWthnsr7Ge6HBxe_vncghlgTkOeOHu714P_XSYF3FcVgCPIuTNzhVTI

133 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.credit-de-france.com/
Redirect Chain

https://www.credit-de-france.com/
http://www.credit-de-france.com/

32 KB
8 KB

44ms
26ms

Document
text/html

151.80.201.34
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.credit-de-france.com/
Protocol: HTTP/1.1
Server: 151.80.201.34 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: fe96c076470be73d56485254d280f87267a7b0719a8244e75d5a41463a78f781

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 7857
Content-Type: text/html; charset=UTF-8
Date: Mon, 27 Feb 2023 08:35:13 GMT
Server: nginx
Vary: Accept-Encoding

Redirect headers

content-length: 162
content-type: text/html
date: Mon, 27 Feb 2023 08:35:13 GMT
location: http://www.credit-de-france.com/
server: nginx

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
50 KB 112ms
59ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.credit-de-france.com
URL: http://www.credit-de-france.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c96833cbecd2d34f3b2e0d997fa23500813b0301cbfb1ea2e0f51cbdf3d639f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.credit-de-france.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 08:35:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 50876
X-XSS-Protection: 0
Server: cafe
ETag: 11499206073214364474
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 27 Feb 2023 08:35:13 GMT

GET
H2 200 house-4516176__340.jpg
cdn.pixabay.com/photo/2019/09/30/16/00/ 18 KB
19 KB 55ms
23ms Image
binary/octet-stream 2606:4700::6812:e10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixabay.com/photo/2019/09/30/16/00/house-4516176__340.jpg
Requested by: Host: www.credit-de-france.com
URL: http://www.credit-de-france.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d4477db7632c4198d465fef068ee11b28b0f8b776bbb290937529de6312f986

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.credit-de-france.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:13 GMT
x-amz-version-id: PqD_YFjlwK3LOqgakdiorw_5V7iVuCz2
cf-cache-status: HIT
age: 568161
x-amz-request-id: PCD5ZCTQ66KGN54Y
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18481
x-amz-id-2: i3+7Gsy6ory5XVSUfY0EPhdl1vea5SuP/BPHhaS+bxa1oB82YV6Vvix/wgxRCtYd3MNOPRHNMTc=
last-modified: Wed, 12 Oct 2022 10:24:10 GMT
server: cloudflare
etag: "7a85cd0d5a1ef56f5a820ecb032970a9"
vary: Accept-Encoding
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 79ff95f8a9cd39d0-FRA
expires: Tue, 27 Feb 2024 08:35:13 GMT

GET
H/1.1 200
OK 1614696988.jpg
www.credit-de-france.com/img/ 76 KB
77 KB 17ms
17ms Image
image/jpeg 151.80.201.34
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.credit-de-france.com/img/1614696988.jpg
Requested by: Host: www.credit-de-france.com
URL: http://www.credit-de-france.com/
Protocol: HTTP/1.1
Server: 151.80.201.34 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 39f3b6ac0b469a7ead78634a07f995c3d1771020ed2dcbadca5b7816f6941ba4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.credit-de-france.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 08:35:13 GMT
Last-Modified: Mon, 01 Mar 2021 23:00:00 GMT
Server: nginx
ETag: "603d71f0-131b7"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78263
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1614849102.jpg
www.credit-de-france.com/img/ 56 KB
56 KB 34ms
17ms Image
image/jpeg 151.80.201.34
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.credit-de-france.com/img/1614849102.jpg
Requested by: Host: www.credit-de-france.com
URL: http://www.credit-de-france.com/
Protocol: HTTP/1.1
Server: 151.80.201.34 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: b47a13d505123453dc070b2dc1c25cec36138372c0adf64fe8871186bb4982c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.credit-de-france.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 08:35:13 GMT
Last-Modified: Wed, 03 Mar 2021 23:00:00 GMT
Server: nginx
ETag: "604014f0-df71"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57201
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK header.jpg
www.credit-de-france.com/ 237 KB
237 KB 33ms
17ms Image
image/jpeg 151.80.201.34
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.credit-de-france.com/header.jpg
Requested by: Host: www.credit-de-france.com
URL: http://www.credit-de-france.com/
Protocol: HTTP/1.1
Server: 151.80.201.34 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: b5fb1d7183cbe714a58454ac8cf5e721df3c7e21ea1733ca578b7be3ee61dbc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.credit-de-france.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 08:35:13 GMT
Last-Modified: Thu, 14 May 2015 22:00:00 GMT
Server: nginx
ETag: "55551ae0-3b48f"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 242831
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 360 KB
119 KB 170ms
74ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1010404604654251&plah=www.credit-de-france.com&bust=31072648

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4788543e70ae3b1cca01945e17cd2fb9fb50eecaa449f98772b6bae07436e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.credit-de-france.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121456
x-xss-protection: 0
server: cafe
etag: 2059072816459810471
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Feb 2023 08:35:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/ Frame 0191 10 KB
5 KB 170ms
49ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.credit-de-france.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77671
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 11:00:42 GMT
etag: 10353107486223812946
expires: Sun, 12 Mar 2023 11:00:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 407 B
608 B 154ms
49ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.credit-de-france.com&callback=_gfp_s_&client=ca-pub-1010404604654251

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1010404604654251&plah=www.credit-de-france.com&bust=31072648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09c5ad1567739e399e8ca3472d0ef0a1b19a23718b7016f72c576125d244e7a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.credit-de-france.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 197ms
73ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.credit-de-france.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.credit-de-france.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 198ms
77ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.credit-de-france.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.credit-de-france.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2BEE 470 KB
87 KB 666ms
665ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&adk=1242408264&adf=3594574215&lmt=1677486913&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=http%3A%2F%2Fwww.credit-de-france.com%2F&ea=0&pra=5&wgl=1&dt=1677486913559&bpp=4&bdt=214&idt=293&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2822973996974&frm=20&pv=2&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=312

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42c3ebd7d230b706d9e546ec45c285ef740ea577614c13e153dec92b2d00cdf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.credit-de-france.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 88443
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:14 GMT
expires: Mon, 27 Feb 2023 08:35:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5AD9 81 KB
23 KB 1009ms
1009ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=280&slotname=4093122104&adk=1962238016&adf=1096795020&pi=t.ma~as.4093122104&w=900&fwrn=4&fwrnh=100&lmt=1677486913&rafmt=1&format=900x280&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1677486913563&bpp=1&bdt=219&idt=315&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=500&ady=698&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GKUakNYyrf&p=http%3A//www.credit-de-france.com&dtd=319

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88dceceed55749db15d5d3b87ea94341789be83502311cdcea8c336e4d777612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.credit-de-france.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 23212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:14 GMT
expires: Mon, 27 Feb 2023 08:35:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F047 99 KB
32 KB 944ms
940ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=280&slotname=2722702907&adk=2793921815&adf=1066727035&pi=t.ma~as.2722702907&w=900&fwrn=4&fwrnh=100&lmt=1677486913&rafmt=1&format=900x280&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1677486913564&bpp=1&bdt=220&idt=322&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=1&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=500&ady=4701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XdaKji51qu&p=http%3A//www.credit-de-france.com&dtd=326

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab756ff59a87aadfe14859a79ba6aede08e6d43584c84a12726a92918d0f2ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.credit-de-france.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32762
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:14 GMT
expires: Mon, 27 Feb 2023 08:35:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2C56 103 KB
33 KB 500ms
500ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=600&slotname=7292503309&adk=658439030&adf=1296294859&pi=t.ma~as.7292503309&w=300&fwrn=4&fwrnh=100&lmt=1677486913&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1677486913565&bpp=1&bdt=221&idt=331&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=1&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1815&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxINEYUHGG&p=http%3A//www.credit-de-france.com&dtd=336

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98cfa2d9d1d654d01713b4eca76f79715e7ca01af2c4e162b2c8ca44a1583a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.credit-de-france.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33731
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:14 GMT
expires: Mon, 27 Feb 2023 08:35:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 13893965577395773582
tpc.googlesyndication.com/simgad/ Frame 2C56 36 KB
36 KB 183ms
82ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13893965577395773582?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmCIsmg3VOFOs7FyjEsm4rZtU02Dw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=600&slotname=7292503309&adk=658439030&adf=1296294859&pi=t.ma~as.7292503309&w=300&fwrn=4&fwrnh=100&lmt=1677486913&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1677486913565&bpp=1&bdt=221&idt=331&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=1&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1815&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxINEYUHGG&p=http%3A//www.credit-de-france.com&dtd=336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff21788b71323d719f13c3fc5293b72ba98c7b88a6ceaaf42e4d932e3eec6cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 16:57:42 GMT
x-content-type-options: nosniff
age: 488252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36672
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 11:32:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Feb 2024 16:57:42 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 2C56 22 KB
9 KB 141ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 2C56 3 KB
1 KB 138ms
51ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 19:05:40 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 2C56 67 B
196 B 197ms
111ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:23:49 GMT
x-content-type-options: nosniff
server: cafe
age: 25885
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Tue, 28 Feb 2023 01:23:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 2C56 20 KB
8 KB 133ms
45ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C56 158 KB
49 KB 145ms
130ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 08:35:14 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 2C56 33 KB
13 KB 139ms
53ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13432
x-xss-protection: 0
server: cafe
etag: 14260516833774306430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 19:41:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2C56 0
0 94ms
93ms Fetch
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvVYrQWv8Y8GFOuqD1fAPgvCQ-AK4g6Gka5Gnwbn3D_nE0teEDBABILOltQZgleKQgqAHoAHk5vnXA8gBAqkCw_wrOVGysT6oAwHIA8kEqgTTAU_QNE8v3a897kd7RePRHBZMGSzmVV2U4S9b4nD9N1o4DU67YPtnfL5p3Wfg2frOcVNwTgKaHhw8hsUkODN8YnE7PWHU1JPIVLc1lsUPT53obWKfAxlcLmnQgEqFAaN2FE8URRuOjLMsQk-eexpiQBVzrxtponq4qgSkc2WZR-O89hP1YFsedAqABR48q1KAlF6GfNsw_lvE50GEUQ5uB06yRtk-TpuNXMBm_vMNSBFzbIDOYgXAAAdqwsaqFSJyBkmWCyQFSKKrfmF1-vFzOQgDchfABPLIrIf0A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeEmYYoqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqMAH0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMTAxMDQwNDYwNDY1NDI1MRgA&sigh=l-NgTM3KdR8&uach_m=[UACH]&cid=CAQSGwDUE5ymmJw16k3_oi5jKYt7PSkhKiZeoKNwSBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=600&slotname=7292503309&adk=658439030&adf=1296294859&pi=t.ma~as.7292503309&w=300&fwrn=4&fwrnh=100&lmt=1677486913&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1677486913565&bpp=1&bdt=221&idt=331&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=1&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1815&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxINEYUHGG&p=http%3A//www.credit-de-france.com&dtd=336
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Feb 2023 08:35:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Feb 2023 08:35:14 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CF4C 143 B
166 B 51ms
49ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=600&slotname=7292503309&adk=658439030&adf=1296294859&pi=t.ma~as.7292503309&w=300&fwrn=4&fwrnh=100&lmt=1677486913&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1677486913565&bpp=1&bdt=221&idt=331&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=1&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1815&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxINEYUHGG&p=http%3A//www.credit-de-france.com&dtd=336
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:11:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2C56 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea23b53720c57b82c2177e0410ef2d694a6f056504eb784bb7e4b2b5873b9119

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 150 KB
51 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/reactive_library_fy2021.js?bust=31072648

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a334cc1e84d346ba356b125bc1ac51fc570926c6aecac8861f1cc4f9e04b93e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.credit-de-france.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52052
x-xss-protection: 0
server: cafe
etag: 5120323239037727118
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Feb 2023 08:35:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 74ms
72ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.credit-de-france.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.credit-de-france.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 72ms
70ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.credit-de-france.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.credit-de-france.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5668 90 KB
33 KB 582ms
581ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=200&adk=1854026767&adf=3648342848&pi=t.aa~a.2966782411~i.6~rp.4&w=591&fwrn=4&fwrnh=100&lmt=1677486914&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3527756319&ad_type=text_image&format=591x200&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&pra=3&rh=148&rw=591&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1677486914643&bpp=1&bdt=1299&idt=1&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d619d5fce5879a0-2223cb0630dd0073%3AT%3D1677486913%3ART%3D1677486913%3AS%3DALNI_Man2cYlnR5b2Ks5JOlJdL2PqtrrIA&gpic=UID%3D00000bbce6c61531%3AT%3D1677486913%3ART%3D1677486913%3AS%3DALNI_MZkN8RAhmg7hrXc6fDtfLYr3Wo3Jw&prev_fmts=0x0%2C900x280%2C900x280%2C300x600&nras=2&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=799&ady=3100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&psts=AD37Y7vDEBr_kerFXR0ztzufHZkXKOcwKwqIVuNb-fxiPa3nAemJj_22DK9S3MR_Q2tM13zOqdWdc8ahC-YhAYI&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tHptDqhjKQ&p=http%3A//www.credit-de-france.com&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a95d062f80ced60a9e206a1a31ef5bf9b13884fbf24f71b5729bf63cd5cbb8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.credit-de-france.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 33374
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CF4C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

88ms
88ms

Document
text/html

2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:14 GMT
expires: Mon, 27 Feb 2023 08:35:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B2D 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 06:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 06:08:34 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame 48CB 10 KB
4 KB 50ms
49ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.credit-de-france.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77671
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 11:00:43 GMT
etag: 10353107486223812946
expires: Sun, 12 Mar 2023 11:00:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame 82C0 10 KB
4 KB 49ms
49ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.credit-de-france.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77671
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 11:00:43 GMT
etag: 10353107486223812946
expires: Sun, 12 Mar 2023 11:00:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame 1956 10 KB
4 KB 49ms
49ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.credit-de-france.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77671
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 11:00:43 GMT
etag: 10353107486223812946
expires: Sun, 12 Mar 2023 11:00:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame D223 10 KB
4 KB 52ms
52ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.credit-de-france.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77671
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 11:00:43 GMT
etag: 10353107486223812946
expires: Sun, 12 Mar 2023 11:00:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 48CB 4 KB
1 KB 203ms
72ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 08:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 06:38:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 08:35:15 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 48CB 205 B
650 B 179ms
49ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 03:06:38 GMT
x-content-type-options: nosniff
age: 19716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 27 Feb 2024 03:06:38 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 48CB 604 B
694 B 180ms
50ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 07:23:04 GMT
x-content-type-options: nosniff
age: 4330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 27 Feb 2024 07:23:04 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/elements/html/ Frame 48CB 19 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e14ff3e75a1030bfcc4f49ce62a2036c3f239b81339024d1745b581ca4e76b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:38:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8251
x-xss-protection: 0
server: cafe
etag: 12882883664474914621
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 19:38:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 82C0 3 KB
674 B 201ms
74ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 08:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 06:35:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 08:35:15 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 82C0 2 KB
818 B 37ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 82C0 22 KB
9 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 82C0 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 19:05:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 82C0 20 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82C0 158 KB
48 KB 91ms
90ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 08:35:14 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 82C0 33 KB
14 KB 173ms
51ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 27 May 2023 11:08:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1956 6 KB
745 B 192ms
72ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 08:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 08:33:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 08:35:15 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 1956 2 KB
799 B 38ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 1956 22 KB
9 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 1956 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 19:05:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 1956 20 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1956 158 KB
48 KB 184ms
183ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 08:35:14 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 1956 33 KB
14 KB 177ms
64ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 27 May 2023 11:08:19 GMT

GET
H2 200 12615917933316929566
tpc.googlesyndication.com/daca_images/simgad/ Frame F047 144 KB
144 KB 40ms
40ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/12615917933316929566

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=280&slotname=2722702907&adk=2793921815&adf=1066727035&pi=t.ma~as.2722702907&w=900&fwrn=4&fwrnh=100&lmt=1677486913&rafmt=1&format=900x280&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1677486913564&bpp=1&bdt=220&idt=322&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=1&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=500&ady=4701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XdaKji51qu&p=http%3A//www.credit-de-france.com&dtd=326

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eef67771e483e3d3f320273fa5815b7e30a0c44f54edcd6ab3409b6c875a0a8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 13:37:28 GMT
x-content-type-options: nosniff
age: 154666
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147210
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 16:34:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Feb 2024 13:37:28 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame F047 22 KB
9 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame F047 3 KB
1 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 19:05:40 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame F047 67 B
125 B 81ms
80ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:23:49 GMT
x-content-type-options: nosniff
server: cafe
age: 25885
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Tue, 28 Feb 2023 01:23:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame F047 20 KB
8 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F047 158 KB
48 KB 162ms
161ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 08:35:14 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame F047 33 KB
13 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13432
x-xss-protection: 0
server: cafe
etag: 14260516833774306430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 19:41:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D223 0
0 111ms
111ms Fetch
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1ZFGQWv8Y-jnOJWU7APgi7T4A5PZnJhv5YXV9oUR9OnmzZc5EAEgs6W1BmCV4pCCoAegAc_Uo5MoyAECqQIlV5632Qm0PqgDAcgDyQSqBNsBT9Byo3KrvrFqzJblu6uPmEvYdLUmB_IpX6fEJoIDjaQdvTr2pz38FOqsEdBl-2c7Xt9RLCYAvwpIId8EEzW2pPVs0FWuCYVx0j3gU84OPmv5qcVKr3Xd4w9VD9TxWt9ILPPBLpgxWoYKI0JYCXfDxMqKe2MagmFwcL857w9BT5Z8rzuosuuP0FGEB2NFRCGh7ngiwo3voV8dDpUnANpz0g4p4i8S6BqanXNqFA1pMwbpjEB-6jbJUf5xKRmoD53IuiL_f-832vvjRhsKqemq_ucTGZFko84zDsSUwATPrMfDrgSSBQQIBBgBkgUECAUYBKAGAoAHz4z08gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCLsE3SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0xMDEwNDA0NjA0NjU0MjUxGAA&sigh=1Rq_cZN3YAQ&uach_m=[UACH]&cid=CAQSGwDUE5ymPQV40wThUUI2KCeIwgOhCF6qpffNchgB

Requested by

Host: www.credit-de-france.com
URL: http://www.credit-de-france.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Feb 2023 08:35:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame D223 22 KB
9 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H2 200 11402447284063471934
tpc.googlesyndication.com/simgad/ Frame D223 23 KB
23 KB 89ms
88ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11402447284063471934?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql7uclvkNM6lqdMFWtKZiwu1Bps6A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c0223cca50c472b84fafe33d2156b0e4e14274512366f658f9738e5f665612f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 08:16:15 GMT
x-content-type-options: nosniff
age: 173939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23901
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 16:28:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Feb 2024 08:16:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame D223 3 KB
1 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 19:05:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame D223 20 KB
8 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D223 158 KB
48 KB 175ms
175ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 08:35:14 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame D223 33 KB
13 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13432
x-xss-protection: 0
server: cafe
etag: 14260516833774306430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 19:41:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F047 0
0 102ms
102ms Fetch
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeNIhQWv8Y_PHOZPmxgPfnKWQBpPZnJhvgt6V68EQ9OnmzZc5EAEgs6W1BmCV4pCCoAegAc_Uo5MoyAECqQIlV5632Qm0PqgDAcgDyQSqBNoBT9DjYsVYABOOAODt_J5uW4LE7-wulQXTYhZBD47OtRl1mXgTMMchExJTT3IJj2hSAfByEuPOeGELzl7_9wrBffiX5l2SghRwC7VZ3u6UDu-no6Zs-5dYxkMG3sDjijquLk4T1xVlvI-oMYtgZ_DQYF8BV4rhK4ldJQUzVdDjxOb0OiOpfoWfqCI1w8kcer7vY4Z1kiYDabz_Dl9FEkEnIU-N1aGMB1I6S2ddaP4XlFjBo3nzmIZqPhnJehpXLox5Epmca_A_YlwP-PGb7lmWwIQ3zwQU3ITdi7HABParvPKbBJIFBAgEGAGSBQQIBRgEoAYCgAfPjPTyAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJPlYNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTEwMTA0MDQ2MDQ2NTQyNTEYAA&sigh=mKzZPd5yPiA&uach_m=[UACH]&cid=CAQSGwDUE5ym6vVb3Xh0bW2jNVaDW2hteQfPIui3pBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=280&slotname=2722702907&adk=2793921815&adf=1066727035&pi=t.ma~as.2722702907&w=900&fwrn=4&fwrnh=100&lmt=1677486913&rafmt=1&format=900x280&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1677486913564&bpp=1&bdt=220&idt=322&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=1&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=500&ady=4701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XdaKji51qu&p=http%3A//www.credit-de-france.com&dtd=326
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Feb 2023 08:35:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 5AD9 3 KB
674 B 146ms
72ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=280&slotname=4093122104&adk=1962238016&adf=1096795020&pi=t.ma~as.4093122104&w=900&fwrn=4&fwrnh=100&lmt=1677486913&rafmt=1&format=900x280&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1677486913563&bpp=1&bdt=219&idt=315&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=500&ady=698&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GKUakNYyrf&p=http%3A//www.credit-de-france.com&dtd=319

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 08:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 06:42:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 08:35:15 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 5AD9 2 KB
799 B 68ms
67ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 5AD9 22 KB
9 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 5AD9 3 KB
1 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 19:05:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 5AD9 20 KB
8 KB 68ms
66ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5AD9 158 KB
48 KB 157ms
156ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 08:35:14 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 5AD9 33 KB
14 KB 172ms
105ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 27 May 2023 11:08:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5AD9 0
0 92ms
92ms Fetch
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLQcyQWv8Y8XaOLPBxgPZprboDM-24pBv2YTIgY0RjfXBzac4EAEgs6W1BmCV4pCCoAegAdWU_scDyAEGqQLD_Cs5UbKxPqgDAcgDAqoE0wFP0EQrq4-WGsHo8elBMzas6pUnUy7vuDZmcgk1GEF1FRWjkQc21ePU07_xSIfUIeKKMMvA97cCpvvFadJSDTp7g1sFPFWSFh5UXLmQGGCsPteWrh04yPkvugEaRmseljpYJq4CRjcliXJys_U0p8OP3be6YxsgJ4Mabo0QtejwDjEGXAhrO-l8LTT-Z5WmtOhgtVaFvDm93Slfu45ASUlynGP7NGQCVjfOeOCfunZYjZ0I6QNPEjDeVSuz_0BSYS2uHMwg1sJiTHEOcjD5bqUEQukzwAT20supqgSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHvL-pLqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBDE2h3SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC4gUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMDEwNDA0NjA0NjU0MjUxGAA&sigh=AlPbimYh5fk&uach_m=[UACH]&cid=CAQSGwDUE5ymsbCwSLEMp6dF8NO2XswLEdS1vOYk6hgB&template_id=493

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=280&slotname=4093122104&adk=1962238016&adf=1096795020&pi=t.ma~as.4093122104&w=900&fwrn=4&fwrnh=100&lmt=1677486913&rafmt=1&format=900x280&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1677486913563&bpp=1&bdt=219&idt=315&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=500&ady=698&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GKUakNYyrf&p=http%3A//www.credit-de-france.com&dtd=319
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Feb 2023 08:35:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 16389582138339132874_13764773699756621012.jpeg
static.doubleclick.net/dynamic/5/409631259/ Frame 5AD9 4 KB
4 KB 136ms
37ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/409631259/16389582138339132874_13764773699756621012.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daffc3abfb037b18b2a021a3e2e8a1bc9a2017e1411f5328e1a13e1371755d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 20:30:14 GMT
x-content-type-options: nosniff
age: 302701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3755
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 06:43:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 20:30:14 GMT

GET
H3

200

4553853186076129233
tpc.googlesyndication.com/simgad/ Frame 5AD9
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODAxIivxQEQ2AQY2AQyCEI4uKqUTIEL
https://tpc.googlesyndication.com/simgad/4553853186076129233

64 KB
64 KB

41ms
41ms

Image
image/jpeg

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4553853186076129233

Requested by

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7157d26f3067dc7d90b2076a0d7181365046fbffe59447ed9cfae3d2aab6a5bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:22:48 GMT
x-content-type-options: nosniff
age: 259947
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65821
x-xss-protection: 0
last-modified: Sun, 17 Jul 2022 12:00:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Feb 2024 08:22:48 GMT

Redirect headers

date: Sun, 26 Feb 2023 17:01:14 GMT
x-content-type-options: nosniff
server: cafe
age: 56040
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4553853186076129233
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 28 Mar 2023 17:01:14 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 31BF 143 B
166 B 52ms
49ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:11:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-fcnk457d72b2e-og5umwm3xqcddufb-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 894F 247 B
867 B 238ms
82ms Document
text/html 142.250.180.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-fcnk457d72b2e-og5umwm3xqcddufb-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f3.1e100.net

Software

sffe /

Resource Hash

38587fd2ddaf87ca5fe04734001ea72de3669a1c71da708aa346721ef15e5c55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 202
content-security-policy-report-only: script-src 'nonce-SOicKWltMTEbVUdrsz8FXQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D223 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fffb4b512e15191b6f10fd3f4132d8c53964560c844435ccb87fd83c7a88b6fb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCD7 143 B
166 B 52ms
49ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=280&slotname=2722702907&adk=2793921815&adf=1066727035&pi=t.ma~as.2722702907&w=900&fwrn=4&fwrnh=100&lmt=1677486913&rafmt=1&format=900x280&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1677486913564&bpp=1&bdt=220&idt=322&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=1&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=500&ady=4701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XdaKji51qu&p=http%3A//www.credit-de-france.com&dtd=326
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:11:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-gpilt4cjpsexo-6buvmusq4hxps3zv-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame EC89 247 B
869 B 240ms
83ms Document
text/html 142.250.180.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gpilt4cjpsexo-6buvmusq4hxps3zv-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f3.1e100.net

Software

sffe /

Resource Hash

509ebdc144ffe27a94292d51c3bf5ff8c50e74f55bd2064df6bdc801fad1be34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 203
content-security-policy-report-only: script-src 'nonce-xbnkEyHVmAhuNOoXwRvKSw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F047 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b445fe34c3e62b1e9de8a3b13f06a40176b1d0d747690756df484319ef38f91

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5AD9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 188e97b3483753b5cfadbd5efe2ab4424fcf5fee06c18e392c715b9bd713942d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 31BF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

84ms
84ms

Document
text/html

2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:15 GMT
expires: Mon, 27 Feb 2023 08:35:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCD7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

90ms
90ms

Document
text/html

2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:15 GMT
expires: Mon, 27 Feb 2023 08:35:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 0F59 8 KB
968 B 73ms
72ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 08:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 06:40:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 08:35:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 0F59 2 KB
765 B 41ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 0F59 22 KB
9 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 0F59 3 KB
1 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 19:05:40 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 0F59 20 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F59 158 KB
48 KB 112ms
112ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 08:35:15 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 0F59 33 KB
14 KB 50ms
49ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 27 May 2023 11:08:19 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1F77 143 B
166 B 50ms
49ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:11:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2837 36 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Host: www.credit-de-france.com
URL: http://www.credit-de-france.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 06:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 06:08:34 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 5AD9 20 KB
21 KB 171ms
49ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:14:41 GMT
x-content-type-options: nosniff
age: 310834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 18:14:41 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 5AD9 21 KB
21 KB 216ms
96ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 01:46:45 GMT
x-content-type-options: nosniff
age: 456510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:46:45 GMT

GET
H2 200 iframe.html Show response
p4-fcnk457d72b2e-og5umwm3xqcddufb-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 894F 5 KB
2 KB 83ms
82ms Document
text/html 142.250.180.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-fcnk457d72b2e-og5umwm3xqcddufb-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-fcnk457d72b2e-og5umwm3xqcddufb-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-fcnk457d72b2e-og5umwm3xqcddufb-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f3.1e100.net

Software

sffe /

Resource Hash

3b03e24a37892ed4fe432700eb10bd59ae49564fdd5ee49209d1ea09556a7fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-fcnk457d72b2e-og5umwm3xqcddufb-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1985
content-security-policy-report-only: script-src 'nonce-NrrPvedpeGOkFUx2AGDKKg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 5668 4 KB
621 B 73ms
73ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=200&adk=1854026767&adf=3648342848&pi=t.aa~a.2966782411~i.6~rp.4&w=591&fwrn=4&fwrnh=100&lmt=1677486914&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3527756319&ad_type=text_image&format=591x200&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&pra=3&rh=148&rw=591&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1677486914643&bpp=1&bdt=1299&idt=1&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d619d5fce5879a0-2223cb0630dd0073%3AT%3D1677486913%3ART%3D1677486913%3AS%3DALNI_Man2cYlnR5b2Ks5JOlJdL2PqtrrIA&gpic=UID%3D00000bbce6c61531%3AT%3D1677486913%3ART%3D1677486913%3AS%3DALNI_MZkN8RAhmg7hrXc6fDtfLYr3Wo3Jw&prev_fmts=0x0%2C900x280%2C900x280%2C300x600&nras=2&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=799&ady=3100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&psts=AD37Y7vDEBr_kerFXR0ztzufHZkXKOcwKwqIVuNb-fxiPa3nAemJj_22DK9S3MR_Q2tM13zOqdWdc8ahC-YhAYI&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tHptDqhjKQ&p=http%3A//www.credit-de-france.com&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 08:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 08:34:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 08:35:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 5668 2 KB
765 B 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 5668 22 KB
9 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 5668 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 19:05:40 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 5668 20 KB
8 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5668 0
0 70ms
70ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIRwgz17Q2InwqVm1d0lkIRL3J3Ms-YBaRfJRs6WHylVLNm7Uf3ii6IYDJTYz76Nt8p0CnQWqwcSLcXHRoBkDUkkdAtA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=200&adk=1854026767&adf=3648342848&pi=t.aa~a.2966782411~i.6~rp.4&w=591&fwrn=4&fwrnh=100&lmt=1677486914&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3527756319&ad_type=text_image&format=591x200&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&pra=3&rh=148&rw=591&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1677486914643&bpp=1&bdt=1299&idt=1&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d619d5fce5879a0-2223cb0630dd0073%3AT%3D1677486913%3ART%3D1677486913%3AS%3DALNI_Man2cYlnR5b2Ks5JOlJdL2PqtrrIA&gpic=UID%3D00000bbce6c61531%3AT%3D1677486913%3ART%3D1677486913%3AS%3DALNI_MZkN8RAhmg7hrXc6fDtfLYr3Wo3Jw&prev_fmts=0x0%2C900x280%2C900x280%2C300x600&nras=2&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=799&ady=3100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&psts=AD37Y7vDEBr_kerFXR0ztzufHZkXKOcwKwqIVuNb-fxiPa3nAemJj_22DK9S3MR_Q2tM13zOqdWdc8ahC-YhAYI&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tHptDqhjKQ&p=http%3A//www.credit-de-france.com&dtd=5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5668 158 KB
48 KB 97ms
97ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 08:35:15 GMT

GET
H3 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 5668 33 KB
14 KB 50ms
49ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 27 May 2023 11:08:19 GMT

GET
H2 200 iframe.html Show response
p4-gpilt4cjpsexo-6buvmusq4hxps3zv-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame EC89 5 KB
2 KB 84ms
83ms Document
text/html 142.250.180.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gpilt4cjpsexo-6buvmusq4hxps3zv-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-gpilt4cjpsexo-6buvmusq4hxps3zv-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-gpilt4cjpsexo-6buvmusq4hxps3zv-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f3.1e100.net

Software

sffe /

Resource Hash

ccc4534b584e3af0b2fe26696b30441afe3633369689475f3595026ccce19cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-gpilt4cjpsexo-6buvmusq4hxps3zv-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1986
content-security-policy-report-only: script-src 'nonce-BAQ5iqP8QDPK6ep5Plyamw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5668 0
0 91ms
91ms Fetch
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C08rmQmv8Y7v7Koa6YMWftliL0tSoYNK58LP3CIbO_5WEGxABILOltQZgleKQgqAHoAGLwpzHA8gBCakCw_wrOVGysT6oAwHIA8sEqgTcAU_QJA-UfhLC9hnLZp6aoLHnd2KBSR5glSJtpMCdGr36EMwBWupURonMHr6ipTBrl1LUQZKc4GLYkeSK4ahghcbIClCj0BaPR8BKXSBV1sEVn0_-JU8LweJLBR551anY-YlzpYPXbnXe79Q1uES-9gv8e7LiW0FjWQw0OGml2cljgMjMi0ymKX8TKa-ghczbB30HHWrts7xbAL1ABxx8785nZPYyj8O5y1ecFykN1TMkSgbkOoR13hz7j4y_uRd_tNQA1FPaaav0w9ichcOygJRol9x-82mOV1kx26HABNvApqDcAZIFBAgEGAGSBQQIBRgEoAYugAfdveM4qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQvfUU0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMNiBQE0BUBgBcBshccChoIABIUcHViLTEwMTA0MDQ2MDQ2NTQyNTEYAA&sigh=FxreBRlfKNY&uach_m=[UACH]&cid=CAQSOwDUE5ymORV_jW4ONCful_MHePb2w1FJ42PvT4-uyD4igeW1d7ABApWDB6rIiaXS8nBYMyENO6mXIEnIGAE&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=200&adk=1854026767&adf=3648342848&pi=t.aa~a.2966782411~i.6~rp.4&w=591&fwrn=4&fwrnh=100&lmt=1677486914&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3527756319&ad_type=text_image&format=591x200&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&pra=3&rh=148&rw=591&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1677486914643&bpp=1&bdt=1299&idt=1&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d619d5fce5879a0-2223cb0630dd0073%3AT%3D1677486913%3ART%3D1677486913%3AS%3DALNI_Man2cYlnR5b2Ks5JOlJdL2PqtrrIA&gpic=UID%3D00000bbce6c61531%3AT%3D1677486913%3ART%3D1677486913%3AS%3DALNI_MZkN8RAhmg7hrXc6fDtfLYr3Wo3Jw&prev_fmts=0x0%2C900x280%2C900x280%2C300x600&nras=2&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=799&ady=3100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&psts=AD37Y7vDEBr_kerFXR0ztzufHZkXKOcwKwqIVuNb-fxiPa3nAemJj_22DK9S3MR_Q2tM13zOqdWdc8ahC-YhAYI&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tHptDqhjKQ&p=http%3A//www.credit-de-france.com&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Feb 2023 08:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/13612669983546676077/ Frame 5668 18 KB
18 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13612669983546676077/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c11b0d4dbee3c2a3d1dfbb6fbfd4883303f98d21b76e984d798f50e3d3d6bde9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 12:39:58 GMT
x-content-type-options: nosniff
age: 71717
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18413
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 15:30:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Feb 2024 12:39:58 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/375708647153855026/ Frame 5668 2 KB
2 KB 48ms
47ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/375708647153855026/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fdb3163b23c75d90213de30fbd36ca073346b0b17b2021c24b5ff23c9afb3e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 06:09:46 GMT
x-content-type-options: nosniff
age: 440729
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2418
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 15:27:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Feb 2024 06:09:46 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1F77
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

87ms
87ms

Document
text/html

2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:15 GMT
expires: Mon, 27 Feb 2023 08:35:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame EE82 36 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Host: www.credit-de-france.com
URL: http://www.credit-de-france.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 06:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 06:08:34 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7EB2 1 KB
643 B 42ms
41ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 14:02:11 GMT
etag: 48472445140208031
expires: Mon, 27 Feb 2023 14:02:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5668 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b368e9b6e3b001d006eb32de77d17f65efbae02883083528141dbbb25bacab8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame 22A8 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 06:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 06:08:34 GMT

GET
H3 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame 937E 36 KB
14 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 06:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 06:08:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5668 15 KB
15 KB 50ms
49ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:13:56 GMT
x-content-type-options: nosniff
age: 328879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 13:13:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5668 16 KB
16 KB 59ms
58ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 16:57:30 GMT
x-content-type-options: nosniff
age: 401865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 16:57:30 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 7EB2 0
104 B 101ms
27ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPkXbdm21yiFzUd3qpZtfHM&google_cver=1&google_push=Aa02lx_CBFBoFYccppyROmlmVUO_x4URug0ZD6R8KYifOhHw3vrnXK_oJ-tuAiKzXvEzybNf97UzgDhFpW04fQT9VQSIrwoXqCoC2kc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1010404604654251&output=html&h=200&adk=1854026767&adf=3648342848&pi=t.aa~a.2966782411~i.6~rp.4&w=591&fwrn=4&fwrnh=100&lmt=1677486914&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3527756319&ad_type=text_image&format=591x200&url=http%3A%2F%2Fwww.credit-de-france.com%2F&fwr=0&pra=3&rh=148&rw=591&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1677486914643&bpp=1&bdt=1299&idt=1&shv=r20230222&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d619d5fce5879a0-2223cb0630dd0073%3AT%3D1677486913%3ART%3D1677486913%3AS%3DALNI_Man2cYlnR5b2Ks5JOlJdL2PqtrrIA&gpic=UID%3D00000bbce6c61531%3AT%3D1677486913%3ART%3D1677486913%3AS%3DALNI_MZkN8RAhmg7hrXc6fDtfLYr3Wo3Jw&prev_fmts=0x0%2C900x280%2C900x280%2C300x600&nras=2&correlator=2822973996974&frm=20&pv=1&ga_vid=277094532.1677486914&ga_sid=1677486914&ga_hid=965962506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=799&ady=3100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759875%2C44759926%2C44759842%2C44773809%2C31072648&oid=2&psts=AD37Y7vDEBr_kerFXR0ztzufHZkXKOcwKwqIVuNb-fxiPa3nAemJj_22DK9S3MR_Q2tM13zOqdWdc8ahC-YhAYI&pvsid=3104112401319991&tmod=1661711056&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tHptDqhjKQ&p=http%3A//www.credit-de-france.com&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 08:35:15 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7EB2
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBaLdDrn8KFHE7YDVF_TGYU&google_push=Aa02lx8q_VrnR1CLtGN2pYrkAxmYkBvuzVMv3ApWxCc-i9UyCzhxs-_-Zn...

170 B
232 B

73ms
73ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBaLdDrn8KFHE7YDVF_TGYU&google_push=Aa02lx8q_VrnR1CLtGN2pYrkAxmYkBvuzVMv3ApWxCc-i9UyCzhxs-_-ZnpJAACraTxLlnOxFaPSVtkS_rikkJux_ipSXsvr4g4Y1YM

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 08:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220073-HHN
pragma: no-cache
date: Mon, 27 Feb 2023 08:35:15 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1677486916.551567,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBaLdDrn8KFHE7YDVF_TGYU&google_push=Aa02lx8q_VrnR1CLtGN2pYrkAxmYkBvuzVMv3ApWxCc-i9UyCzhxs-_-ZnpJAACraTxLlnOxFaPSVtkS_rikkJux_ipSXsvr4g4Y1YM
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7EB2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEO5F_tTtdy8U8noSqsfsLvI&google_cver=1&google_push=Aa02lx-7Xy5TtFKVGTYVj3ll0-zIFQP_KgEKadCHpCV0RCHY1J-QPYbj1p3cH4JuMEjvpDiOK3I7E71sI9lJjazJv6a1kBW...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-7Xy5TtFKVGTYVj3ll0-zIFQP_KgEKadCHpCV0RCHY1J-QPYbj1p3cH4JuMEjvpDiOK3I7E71sI9lJjazJv6a1kBWHyoS3isI&google_hm=eS1lNnZESHpaRTJwRml...

170 B
188 B

73ms
73ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-7Xy5TtFKVGTYVj3ll0-zIFQP_KgEKadCHpCV0RCHY1J-QPYbj1p3cH4JuMEjvpDiOK3I7E71sI9lJjazJv6a1kBWHyoS3isI&google_hm=eS1lNnZESHpaRTJwRmlROUxVMzVsa1d5czJfWmtRNENGb35B

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 08:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Feb 2023 08:35:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-7Xy5TtFKVGTYVj3ll0-zIFQP_KgEKadCHpCV0RCHY1J-QPYbj1p3cH4JuMEjvpDiOK3I7E71sI9lJjazJv6a1kBWHyoS3isI&google_hm=eS1lNnZESHpaRTJwRmlROUxVMzVsa1d5czJfWmtRNENGb35B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7EB2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDUfexdGAxb0u7RGxIswSQY&google_cver=1&google_push=Aa02lx-mL1uEbD6VtXeop9tHIVI4CSyDKpPn16e8Bw-ahk8yMgnGE_8d6rGRaNInrzS7kauNE7V...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVNS0VCWE4tMU4tNzhWQQ==&google_push=Aa02lx-mL1uEbD6VtXeop9tHIVI4CSyDKpPn16e8Bw-ahk8yMgnGE_8d6rGRaNInrzS7kauNE7VfECQO7_AUqL92F0xS2UD0p5RqV3k

170 B
329 B

87ms
73ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVNS0VCWE4tMU4tNzhWQQ==&google_push=Aa02lx-mL1uEbD6VtXeop9tHIVI4CSyDKpPn16e8Bw-ahk8yMgnGE_8d6rGRaNInrzS7kauNE7VfECQO7_AUqL92F0xS2UD0p5RqV3k

Requested by

Host: www.credit-de-france.com
URL: http://www.credit-de-france.com/

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 08:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVNS0VCWE4tMU4tNzhWQQ==&google_push=Aa02lx-mL1uEbD6VtXeop9tHIVI4CSyDKpPn16e8Bw-ahk8yMgnGE_8d6rGRaNInrzS7kauNE7VfECQO7_AUqL92F0xS2UD0p5RqV3k
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7EB2
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKFdKOdztQO2SyuX8gtYewg&google_cver=1&google_push=Aa02lx9Y89I3TD2shYgz15o41pppt3IT7bfvxOzrgJYDLafDclZ8mAfBW9_KVxoRGVdzYHBNTZXF4K31NSM7bostV...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKFdKOdztQO2SyuX8gtYewg&google_cver=1&google_push=Aa02lx9Y89I3TD2shYgz15o41pppt3IT7bfvxOzrgJYDLafDclZ8mAfBW9_KVxoRGVdzYHBNTZXF4K31NSM7bostV...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9Y89I3TD2shYgz15o41pppt3IT7bfvxOzrgJYDLafDclZ8mAfBW9_KVxoRGVdzYHBNTZXF4K31NSM7bostVfCJMPzR2nqpthc&google_hm=GOcjCGZHZzXnL7vkTcm...

170 B
188 B

74ms
73ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9Y89I3TD2shYgz15o41pppt3IT7bfvxOzrgJYDLafDclZ8mAfBW9_KVxoRGVdzYHBNTZXF4K31NSM7bostVfCJMPzR2nqpthc&google_hm=GOcjCGZHZzXnL7vkTcm1AGFT

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 08:35:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 27 Feb 2023 08:35:16 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9Y89I3TD2shYgz15o41pppt3IT7bfvxOzrgJYDLafDclZ8mAfBW9_KVxoRGVdzYHBNTZXF4K31NSM7bostVfCJMPzR2nqpthc&google_hm=GOcjCGZHZzXnL7vkTcm1AGFT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7EB2
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEG...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8PGw2VESs9ZYlSoC2klqL1thP3hbvuL32ySbaSgjTDW-xZDewP276W6wnjN0vvfMEEdRK4VFBJAdThj33rDz2CFeZ9e4VwcA&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-b8b3c9ea-eaae-4bcf-abda-3cc0c28dacec-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8PGw2VESs9ZYlSoC2kl...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8PGw2VESs9ZYlSoC2klqL1thP3hbvuL32ySbaSgjTDW-xZDewP276W6wnjN0vvfMEEdRK4VFBJAdThj33rDz2CFeZ9e4VwcA&google_hm=A7izyerqrkvPq9o8wMKNrOw

170 B
232 B

75ms
74ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8PGw2VESs9ZYlSoC2klqL1thP3hbvuL32ySbaSgjTDW-xZDewP276W6wnjN0vvfMEEdRK4VFBJAdThj33rDz2CFeZ9e4VwcA&google_hm=A7izyerqrkvPq9o8wMKNrOw

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 08:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8PGw2VESs9ZYlSoC2klqL1thP3hbvuL32ySbaSgjTDW-xZDewP276W6wnjN0vvfMEEdRK4VFBJAdThj33rDz2CFeZ9e4VwcA&google_hm=A7izyerqrkvPq9o8wMKNrOw
date: Mon, 27 Feb 2023 08:35:15 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXb8b3c9eaeaae4bcfabda3cc0c28dacec003
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7EB2
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPwea63_Mztikf-mY7vYUDw&google_cver=1&google_push=Aa02lx9zvaWargkVrxSKSULkq1_6lKocARVjVtQLYnYhjaePiWthnsr7Ge6HBxe_vncghlgTkO...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPwea63_Mztikf-mY7vYUDw&google_cver=1&google_push=Aa02lx9zvaWargkVrxSKSULkq1_6lKocARVjVtQLYnYhjaePiWthnsr7Ge6HBxe_vncghlgTkO...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1YODVSQW1GRTJ1RlY0RGguR3NEVGY5ZXM0VV9zcC5XTn5B&google_push=Aa02lx9zvaWargkVrxSKSULkq1_6lKocARVjVtQLYnYhjaePiWthnsr7G...

170 B
232 B

74ms
74ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1YODVSQW1GRTJ1RlY0RGguR3NEVGY5ZXM0VV9zcC5XTn5B&google_push=Aa02lx9zvaWargkVrxSKSULkq1_6lKocARVjVtQLYnYhjaePiWthnsr7Ge6HBxe_vncghlgTkOeOHu714P_XSYF3FcVgCPIuTNzhVTI

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 08:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1YODVSQW1GRTJ1RlY0RGguR3NEVGY5ZXM0VV9zcC5XTn5B&google_push=Aa02lx9zvaWargkVrxSKSULkq1_6lKocARVjVtQLYnYhjaePiWthnsr7Ge6HBxe_vncghlgTkOeOHu714P_XSYF3FcVgCPIuTNzhVTI
date: Mon, 27 Feb 2023 08:35:15 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7EB2 0
139 B 192ms
70ms Image
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvHr2h4UBUC0tEs9Zm5ciTg9burHr_hMud3Asa1YYutF7eWMANvW3o574E3BMfI2bwgcE7sA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 172ms
87ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230222&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e33b897eb30f52e2e396ef86f60a2e83ecc6e06779936101ae4cfd4fea29948c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.credit-de-france.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11205
x-xss-protection: 0

GET
H3 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5138 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 06:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 06:08:34 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.credit-de-france.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 08:35:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DD23 13 KB
5 KB 43ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.credit-de-france.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3126
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 07:43:09 GMT
expires: Tue, 27 Feb 2024 07:43:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4740 783 B
535 B 75ms
74ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5940788b8d264a623e8c3d6f3c5421379702b60af54dba750553084a6b0ff4d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AIm1FGj3D7aSNcfYsDIm-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.credit-de-france.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-AIm1FGj3D7aSNcfYsDIm-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 08:35:15 GMT
expires: Mon, 27 Feb 2023 08:35:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame DD23 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 06:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 06:08:34 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DD23 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Mzeb9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:35:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4740 0
0 75ms
74ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230222&jk=3104112401319991&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D223 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_cjdKCOOfAMifOzMwE3CsLbIB6gkhFZarsWcfIag3XPPRgouMvd3lWCIV1WZLL0ndvvlw_00C9VJo3I9lmRLFip7QKvgtd2KtDhX8c0lhbc8vFHkyHUWzTDYSnWiYZnNoF5QVzw&sai=AMfl-YTItyhe1aQ8Ox7N_E1AFRDLfUWEV_cSt3LtOhzA9HrsowmbLV26kC0BpLxTvxzVAIokUEhkTb-oiWBu&sig=Cg0ArKJSzCss2jqIWhsxEAE&cid=CAQSGwDUE5ymPQV40wThUUI2KCeIwgOhCF6qpffNchgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=0,772,1000,1169,1235&tos=0,772,228,169,66&v=20230222&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=4&adk=1242408261&rs=2&la=0&cr=0&vs=4&r=v&rst=1677486914735&rpt=403&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 08:35:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5AD9 42 B
64 B 84ms
84ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQ8VofUvFERzn7RYmIVbmnft8VBN_FGjgO_qj7YmvnEsbqCHdbV3KWGqXGDbm7XuvKuicelVW7PxhfDDxB-JHCz6GnANi09KmIzeyt8HUPjue8Pa_jIIcb1XXWdHbGh4tA80sg_Q&sai=AMfl-YQzZjau70EX1ra0DEglhFuuehm2-K7nSrVAusNfvVJKv4IAmBczSrADPHLSj8ssyG2jnVuATZaveyB0&sig=Cg0ArKJSzJgKD_-2ld37EAE&cid=CAQSGwDUE5ymsbCwSLEMp6dF8NO2XswLEdS1vOYk6hgB&id=lidar2&mcvt=1000&p=0,0,280,900&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1962238016&rs=2&la=1&cr=0&vs=4&r=v&rst=1677486913883&rpt=1593&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 08:35:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230222&jk=3104112401319991&bg=!g4ClgNTNAAZYlHKzeJQ7ADkAdvg8Wnfq3uH9cEkHMRFWt9ZEJ3_xcdWYRvdtdzFBnhGu8jHRfiyjhgVGQ_bFQuX4pOUt5tZO5IMCAAAAQlIAAAADaAEHmQKeVuEHHhUkLydaA8hiqCUPaMuhNczuKLnQTIh69qV-Bt14wQThPU1QSTh6BilkQSMsAedp52aUx3r7oMkTqDqmJOHHJbCEwLTX8BaTZ9zh9IzylOCxAgWK1Mq4FyASPOiq6zcEdAkKmbqw76JcUVv9xFWACERl9de_UsQhSluL_X0yeoz6LjA6jutRxsNIoSbHjxbIZeP_dqMJv_UcXzdRqx73wztMW6GA__20tEbCSIDZaYmbYmLhhoOKKg7RftRsF10uJTNVvd5a1Q0aFDgoIjAhjzm6jjApBeVR19U9whBT1TlxbBtSuHmpsR56uwVJHxVxV_L-jO6piaaF-Giuo_H4em7EHqhG0aGT3OxBGkyHvqa7m3mqKKmWpUUj6YegcW1Gk0FZ7JWkcvG-JqNgeDwPq_d1xJTXMx8z7HN-y7O-RIy0gXVPqk7R9N74YJw0R92Itmc6KCKmcrYUfiGOs93T8xhtNXsb3RoV8isPZGuoILUPDew8pTgOYJKO395Lexs9Y8B34xoKc5OysGCFsf3JXo10gVbzPmoMoaJqygVg3PBqXQJGpv5YxmT6IEQr_SKbgqgLjMUYFTNBRCmS20zZpgbwhFRNM7m-NzDhylLXDjsDy_tdbeSuNHZqkl0sjYixlMcWP8LXP1xhtfeT9Bn1GYBRGGeFtj1Ab9B4X5n4DV_GjwXdc16EmNCU6QUtl5xNj0IGtndzCYp5h-Dq8cjusA6X1aM2v1qAMs6yyDUhZJQggdbrNjPl64MILG0GMPpdK3hYib2i4hFLa38X2SezUj-e5ZtUszTvxTBGZcyAC6mdpvJVDTHuljKUgusKJ3ugI9PiWsCSMEc8VEzuLZAlnzsV-D2Qfe5eJaT6bzTN0_T_2lvy-VW34O7pZg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.credit-de-france.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pixabay.com/	1970-01-20 09:58:08	Name: __cf_bm Value: 0wmsSjz4LODDRdb2wNgfUQZPom2S18Zmij8hMoxSxyo-1677486913-0-ATSn21SyDCG3ScbR3v+1IJwvjFA1Mri9i6jj+4caYNIE//V85op+kUsXBRgsfbxSO26qzpvL/V5dGCCZJRmVPv0=
.credit-de-france.com/	1970-01-20 19:19:42	Name: __gads Value: ID=3d619d5fce5879a0-2223cb0630dd0073:T=1677486913:RT=1677486913:S=ALNI_Man2cYlnR5b2Ks5JOlJdL2PqtrrIA
.credit-de-france.com/	1970-01-20 19:19:42	Name: __gpi Value: UID=00000bbce6c61531:T=1677486913:RT=1677486913:S=ALNI_MZkN8RAhmg7hrXc6fDtfLYr3Wo3Jw
.doubleclick.net/	1970-01-20 19:19:42	Name: IDE Value: AHWqTUmD-Tqu5HNrNn2lccK-zfusb2TqARhqoRoveNKNQ5-i6qPPga7hMQpNGvMvsCg
.doubleclick.net/	1970-01-20 09:58:07	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 09:58:10	Name: DSID Value: NO_DATA
.analytics.yahoo.com/	1970-01-20 18:43:42	Name: IDSYNC Value: 18yx~2a88
.1rx.io/	1970-01-20 18:43:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b8b3c9ea-eaae-4bcf-abda-3cc0c28dacec-003%22%7D
.everesttech.net/	1970-01-20 18:43:42	Name: everest_g_v2 Value: g_surferid~Y-xrQwAIhAherwBh
.targeting.unrulymedia.com/	1970-01-20 18:43:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b8b3c9ea-eaae-4bcf-abda-3cc0c28dacec-003%22%7D
.yahoo.com/	1970-01-20 18:44:04	Name: A3 Value: d=AQABBENr_GMCEDw22aL3xpFKgBsr5CqylE0FEgEBAQG8_WMGZAAAAAAA_eMAAA&S=AQAAArJ1Gnf0BCBs7ldg3Vv1u_8
.lijit.com/	1970-01-20 18:43:42	Name: ljt_reader Value: GOcjCGZHZzXnL7vkTcm1AGFT

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1242408263&client=ca-pub-1010404604654251&fa=3&ifi=7&uci=a!7&xpc=PCDWimg0g2&p=http%3A//www.credit-de-france.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1242408264&client=ca-pub-1010404604654251&fa=4&ifi=8&uci=a!8&xpc=MpVqp5g6Vi&p=http%3A//www.credit-de-france.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ap.lijit.com
cdn.pixabay.com
cm.g.doubleclick.net
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
p4-fcnk457d72b2e-og5umwm3xqcddufb-if-v6exp3-v4.metric.gstatic.com
p4-gpilt4cjpsexo-6buvmusq4hxps3zv-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
static.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.credit-de-france.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.180.226
142.250.180.227
151.101.130.49
151.80.201.34
209.191.163.208
213.19.147.44
2606:4700::6812:e10
2a00:1450:4001:813::2006
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2001
2a00:1450:400d:802::2002
2a00:1450:400d:802::200a
2a00:1450:400d:806::2002
2a00:1450:400d:807::2004
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::2003
2a02:fa8:8806:12::1370
2a05:d018:d29:3602:4f1d:e35c:100b:dcbe
3.126.56.137
69.173.144.165
09c5ad1567739e399e8ca3472d0ef0a1b19a23718b7016f72c576125d244e7a2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
188e97b3483753b5cfadbd5efe2ab4424fcf5fee06c18e392c715b9bd713942d
1b368e9b6e3b001d006eb32de77d17f65efbae02883083528141dbbb25bacab8
1daffc3abfb037b18b2a021a3e2e8a1bc9a2017e1411f5328e1a13e1371755d2
2c96833cbecd2d34f3b2e0d997fa23500813b0301cbfb1ea2e0f51cbdf3d639f
2d4477db7632c4198d465fef068ee11b28b0f8b776bbb290937529de6312f986
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38587fd2ddaf87ca5fe04734001ea72de3669a1c71da708aa346721ef15e5c55
39f3b6ac0b469a7ead78634a07f995c3d1771020ed2dcbadca5b7816f6941ba4
3b03e24a37892ed4fe432700eb10bd59ae49564fdd5ee49209d1ea09556a7fd4
42c3ebd7d230b706d9e546ec45c285ef740ea577614c13e153dec92b2d00cdf4
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fdb3163b23c75d90213de30fbd36ca073346b0b17b2021c24b5ff23c9afb3e2
509ebdc144ffe27a94292d51c3bf5ff8c50e74f55bd2064df6bdc801fad1be34
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b445fe34c3e62b1e9de8a3b13f06a40176b1d0d747690756df484319ef38f91
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6c0223cca50c472b84fafe33d2156b0e4e14274512366f658f9738e5f665612f
7157d26f3067dc7d90b2076a0d7181365046fbffe59447ed9cfae3d2aab6a5bf
7a95d062f80ced60a9e206a1a31ef5bf9b13884fbf24f71b5729bf63cd5cbb8d
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
88dceceed55749db15d5d3b87ea94341789be83502311cdcea8c336e4d777612
9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
98cfa2d9d1d654d01713b4eca76f79715e7ca01af2c4e162b2c8ca44a1583a27
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a334cc1e84d346ba356b125bc1ac51fc570926c6aecac8861f1cc4f9e04b93e6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ab756ff59a87aadfe14859a79ba6aede08e6d43584c84a12726a92918d0f2ca8
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b47a13d505123453dc070b2dc1c25cec36138372c0adf64fe8871186bb4982c3
b5fb1d7183cbe714a58454ac8cf5e721df3c7e21ea1733ca578b7be3ee61dbc5
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c11b0d4dbee3c2a3d1dfbb6fbfd4883303f98d21b76e984d798f50e3d3d6bde9
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
ccc4534b584e3af0b2fe26696b30441afe3633369689475f3595026ccce19cc6
d4788543e70ae3b1cca01945e17cd2fb9fb50eecaa449f98772b6bae07436e15
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e14ff3e75a1030bfcc4f49ce62a2036c3f239b81339024d1745b581ca4e76b35
e33b897eb30f52e2e396ef86f60a2e83ecc6e06779936101ae4cfd4fea29948c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097
ea23b53720c57b82c2177e0410ef2d694a6f056504eb784bb7e4b2b5873b9119
ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105
eef67771e483e3d3f320273fa5815b7e30a0c44f54edcd6ab3409b6c875a0a8b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5940788b8d264a623e8c3d6f3c5421379702b60af54dba750553084a6b0ff4d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fe96c076470be73d56485254d280f87267a7b0719a8244e75d5a41463a78f781
ff21788b71323d719f13c3fc5293b72ba98c7b88a6ceaaf42e4d932e3eec6cbb
fffb4b512e15191b6f10fd3f4132d8c53964560c844435ccb87fd83c7a88b6fb

www.credit-de-france.com Open in urlscan Pro 151.80.201.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

133 Requests

91 %HTTPS

64 %IPv6

17 Domains

25 Subdomains

17 IPs

6 Countries

2002 kBTransfer

4575 kBSize

12 Cookies

7 Outgoing links

Page URL History

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.credit-de-france.com Open in urlscan Pro
151.80.201.34 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

91 %
HTTPS

64 %
IPv6

17
Domains

25
Subdomains

17
IPs

6
Countries

2002 kB
Transfer

4575 kB
Size

12
Cookies

133 HTTP transactions
5 data transactions