ngembassy.info Open in urlscan Pro
103.72.77.63 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ngembassy.org/
Effective URL:
https://ngembassy.info/
Submission: On December 21 via api (December 21st 2022, 12:06:51 pm UTC) from FR — Scanned from FR

Summary HTTP 206 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 37 domains to perform 206 HTTP transactions. The main IP is 103.72.77.63, located in United States and belongs to A2HOSTING, US. The main domain is ngembassy.info.
TLS certificate: Issued by R3 on December 7th 2022. Valid for: 3 months.

This is the only time ngembassy.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	103.72.77.63 103.72.77.63	55293 (A2HOSTING) (A2HOSTING)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
24	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 16	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	3.124.162.93 3.124.162.93	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700::68... 2606:4700::6812:19ad	() ()
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:749a:6a0e:3033:c14	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.44 213.19.147.44	() ()
1	185.86.137.121 185.86.137.121	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
2 2	54.186.226.179 54.186.226.179	() ()
1 1	35.204.74.118 35.204.74.118	() ()
1	52.223.40.198 52.223.40.198	() ()
2 2	37.157.4.28 37.157.4.28	() ()
2	2606:4700:20:... 2606:4700:20::681a:61b	() ()
4	2606:4700:20:... 2606:4700:20::ac43:4a81	() ()
2 4	95.131.136.1 95.131.136.1	() ()
2	192.229.220.129 192.229.220.129	() ()
2	96.16.147.165 96.16.147.165	() ()
206	31

27 103.72.77.63 (United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: m.server48.com

ngembassy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ngembassy.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (Cantonment, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.ckeditor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.162.93 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-162-93.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Tuttlingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.155.156.181 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.154.237 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:19ad (None, ) 2 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:749a:6a0e:3033:c14 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (None, ) 3 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.121 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.186.226.179 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (None, ) 1 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:61b (None, )

ASN- ()

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:4a81 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.131.136.1 (None, ) 2 redirects

ASN- ()

vcb.happ-e.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.220.129 (None, )

ASN- ()

img.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.16.147.165 (None, )

ASN- ()

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	570 KB
37	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	202 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28664 ad4m.at — Cisco Umbrella Rank: 9760 assets.ad4m.at	944 KB
26	ngembassy.info ngembassy.info	263 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	150 KB
9	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	374 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	6 KB
4	metaffiliation.com 2 redirects action.metaffiliation.com img.metaffiliation.com	270 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	2 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 89292 static-de.ad4mat.net	7 KB
3	google.fr adservice.google.fr — Cisco Umbrella Rank: 26321	1 KB
2	awin1.com www.awin1.com	1 KB
2	happ-e.fr vcb.happ-e.fr	4 KB
2	adform.net 2 redirects c1.adform.net	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 690	491 B
2	1rx.io 2 redirects sync.1rx.io	2 KB
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 639	927 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419	2 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 12945	568 B
1	adsrvr.org match.adsrvr.org	265 B
1	simpli.fi 1 redirects um.simpli.fi	901 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 761	75 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	576 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408	716 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1782	173 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 309	464 B
1	de17a.com d5p.de17a.com — Cisco Umbrella Rank: 4459	125 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1427	587 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 634	762 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 534	539 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	700 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2623	346 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	76 KB
1	ckeditor.com cdn.ckeditor.com — Cisco Umbrella Rank: 16062	161 KB
1	ngembassy.org 1 redirects ngembassy.org	278 B
206	37

	Domain	Requested by
38	tpc.googlesyndication.com	googleads.g.doubleclick.net ngembassy.info pagead2.googlesyndication.com tpc.googlesyndication.com
26	ngembassy.info	ngembassy.info
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ngembassy.info
18	pagead2.googlesyndication.com	ngembassy.info pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
16	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net ngembassy.info
12	assets.ad4m.at	as.ad4m.at
10	www.gstatic.com	googleads.g.doubleclick.net
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
8	www.googletagservices.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	googleads.g.doubleclick.net
6	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.fr	pagead2.googlesyndication.com
2	www.awin1.com	as.ad4m.at
2	img.metaffiliation.com	as.ad4m.at
2	action.metaffiliation.com	2 redirects
2	vcb.happ-e.fr	as.ad4m.at
2	static-de.ad4mat.net	as.ad4m.at
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	onetag-sys.com	1 redirects googleads.g.doubleclick.net
2	sync.1rx.io	2 redirects
2	s.tribalfusion.com	googleads.g.doubleclick.net
2	a.tribalfusion.com	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	prod-rtb.ad4mat.net	ngembassy.info
1	match.adsrvr.org	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	sync.targeting.unrulymedia.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	d5p.de17a.com	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	d.agkn.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	ngembassy.info
1	cdn.ckeditor.com	ngembassy.info
1	ngembassy.org	1 redirects
206	46

This site contains links to these domains. Also see Links.

Domain
ngspan.com

Subject Issuer	Validity	Valid
ngembassy.info R3	`2022-12-07` - `2023-03-07`	3 months	crt.sh
cdn.ckeditor.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-14` - `2023-04-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-30` - `2023-12-30`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
vcb.happ-e.fr Gandi Standard SSL CA 2	`2022-02-08` - `2023-02-23`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh

This page contains 32 frames:

Primary Page: https://ngembassy.info/
Frame ID: 2A2CD671E71C4543E86CD972E7B4B003
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: D3AB265D1B0D65AB5B05E098F18E9E98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&adk=1812271804&adf=3025194257&lmt=1671624406&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fngembassy.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624405932&bpp=8&bdt=768&idt=204&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=225882010196&frm=20&pv=2&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=226
Frame ID: 39204770D23F8D47063E73EA58B4BCA0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2213160196&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624405940&bpp=2&bdt=776&idt=225&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BjizKgkdHL&p=https%3A//ngembassy.info&dtd=228
Frame ID: F952E094662B8B19B6F3247772A86E2A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8
Frame ID: A6B76D87925D0BFF7A980D605B717AA9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NZLQeYeru8&p=https%3A//ngembassy.info&dtd=13
Frame ID: BAF67396E64AFBDBA6662D49C342A67A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=1&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zvZdguj5ki&p=https%3A//ngembassy.info&dtd=16
Frame ID: E6D06302608ADA316F00CB1FE19551E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 44DD3611397C23B5791D254A6AD6DCC1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: D23EFEBE11F18C2B3109FD6930F1D397
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 129DD390F619129BFDD6D2832ECF7A19
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: AAF4B18912F9054645927A53A9B97179
Requests: 11 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 4A7B539143B513129DD4CDB9644A383E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CRIQQ1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwAFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVeVEemwuY2gnX3cyenBdWYxpugQDxNumXg373gjY0h-AvVcRO2OOABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjkxMDM1Nzk4MjY1MDc4NhgA&sigh=VN9lFguvofA&uach_m=[UACH]&cid=CAQSOwDq26N93V8WB3dC1qkE4_XbI4HxPcepPzZYUNOsg1CHQYgWMoZfXwinX9O5IeoxuCnQlN6d9K6i1ifCGAEgEw
Frame ID: 3E9380B628B537224C8A143A238AEFE3
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gmbxn7a67kn2saqgbcgz903tf2fgdg9jddk3cpwjhnh603jx0agaycveyzgfg91x0rstdhnn2ghgq89jbc9740qh1vby78eb5fcqhqb10t8jer3k5rwja946bnv8r8r8a82ejxkc52r6ey2z843cdxczvk3091s7wpr626027mpr3c58dhh4h2adws3s9rjj9g4kk6zmezz8m8pe8nxhcn6k57a5zbgssn8t525r482cw40m5qdexvwgtjsjdx1bp0bh0kz0n280k7vc2mg11pe3x7wxp8td6vh1aqf0d281qv6jqw84kyq55qg2xxb74b8qmx4eh0zaap5zaeeaxc242hqxtww9861q74cyacq3fr1k3w9cbrewr1xb2qcdc745cq8vnap53qpvc6gbjppvbvs1e4vs85tqmp03ywyyh82cz2pxwr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%26client%3Dca-pub-2910357982650786%26adurl%3D
Frame ID: 5D7932BA8BE195F66EBB28B5B32ACB66
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 62F25767CD9096A5DEE71ABDF3C37BD2
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3F02142F03697671578F9216AD7B8925
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8AF006AD77E0052205910F6FEB7EC805
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 43F9CA519D4288AC84E837EFF8E152B9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: AE924523BF870C96937571029793DB13
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C4JeK1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMABT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM815QMHTTbJPqq6SImHeHBBxL8AA_LE3tsNXHETxllt6_pCNFw7agAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI5MTAzNTc5ODI2NTA3ODYYAA&sigh=upv5wpobaBs&uach_m=[UACH]&cid=CAQSOwDq26N9809IoyoML8kduDXIzYIuShackvh5N6Wcux0WGcxd0aZCY6ECo18Gwm1xgDFmid3zD_eEoHy6GAEgEw
Frame ID: 7C7506486E363596F494267413AA2C3D
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h2yr9x6fkgdep0jy3h2brn52ghcprp97e1xcdnsg8g4ap1nbwhtk6cne2qtzf5f1c1xvr4n5kpzv94vff9srdnm57e1tzrpdwva02w27ecra70aj0g5ajamyx6bpmbm1tqr1rkyzaccym4q1xp2m5trqej3y7g6aarc4h3r7bwa2j15f2pbrnb8qcf06gsbakpa5nz9p5z8c88z8p9x2qsc1bm7evzq3hmberjqv3pgk86rnz22801yx30dc9r32gvccj31dr3gcs4ffcm5t8gk8egywwhycwx717699s4vzx6h0d1c63ta73hbhwrfvb9t2172n6dwrx7pwvnrxnck2dccnp5wnht33xt5mjgherhy2nzhz3pp19x2ey327p70f4b0nepk4xpgbtmr9rjzhrjjzxzakq8v6z25w3me0k246nwag28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%26client%3Dca-pub-2910357982650786%26adurl%3D
Frame ID: 7EA541D0FC92A680AFE6934D4F92A4D2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F3B4E1C463F87FF553D03675F4A4E98D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 52DCDC861BD1852C4A55FA18E4969803
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D465056BC3F8E101326118D279AA1274
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 7264EC0B216FAA378262C1853C710BBF
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 35DBD4CC21EB2E48C684D48EF14D72BD
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 9D0974D9394A9626F14B3175E43CEA41
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: DC00D2FC0011452AE12FFC204CC01263
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=37901ef5e264d4500e48aab32304c8b0%2F9515973417193008420&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409135&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kztpa9bdwj6ddgqjhcqma6p6c49a91y9qqjrw7zjynyne0p6epmb9ch7y9jmby9jq0pdphc4p085eggra3exmmvvv98g6a9cftkwpk1et1ar50deazpxe1rj5bwq8jdk77amdmk5vnwye9dzfg8zar5xdr4sxrvf51dsa9d795vsxjv7mhnvz5f8mhm1cga1fg1x05dcxdvsv6r8p7gf324dmvesxsp7zvmgn3bp5c1t1774pnh7a2pvv7t3x67y423khcrgzphgdnd9czg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Frame ID: 4B02A64E505664801219FA5937500FD1
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=d89e175d8c254a969689f41ed526707a%2F3855696903391415344&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpks80yg77dezje4t6x3wzavyb8zz5pmgtj0pgm3v5zgrb4p7ktx948c4tzh4g1hrg36whraa3j02d1j4tp0s6b6wen1jy259we1b23xwskb4rrnem6jzbbzxbpx3z9r33g50h2a2ht4vk02ze021p7a89h30c969gn9kfzrqeyf88bc8gtpc4g18932zw8t3wxmrfkeft5bjck4fh83afp9j8yf9225qr976snbfd33fmwh5dj1madx89xfa8td03s596nxddqerex1f2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Frame ID: BEEDF674972D5ACDA8016C4C5E803C5E
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B19EDE35421E2B486109D0DC54719369
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7046C5F8A34401AD0C6FD4B949A3B98E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ngEmbassy : Integrated Information Portal

Page URL History Show full URLs

http://ngembassy.org/ HTTP 301
https://ngembassy.info/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

206
Requests

92 %
HTTPS

49 %
IPv6

37
Domains

46
Subdomains

31
IPs

6
Countries

3030 kB
Transfer

6958 kB
Size

39
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ngspan.com/
Title: cookie script

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ngembassy.org/ HTTP 301
https://ngembassy.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 148

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOWrhay8vX6V099UkEs8R48&google_cver=1&google_push=AavPq0OPM-W4G1tUkgdz5EB6TwZK14ROD102Yk3MKGV7g3eogkWqv8PcXqky6Igq4rWbTTG7Hlk4iWsf7yHBrP1au-Z3mzBXZlm9vbw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOWrhay8vX6V099UkEs8R48&google_push=AavPq0OPM-W4G1tUkgdz5EB6TwZK14ROD102Yk3MKGV7g3eogkWqv8PcXqky6Igq4rWbTTG7Hlk4iWsf7yHBrP1au-Z3mzBXZlm9vbw

Request Chain 149

https://d.agkn.com/pixel/2175/?google_gid=CAESECS484HnrDrjg1UEhmo4meI&google_cver=1&google_push=AavPq0MEuaDV_mqZJaqDkuk3PKATZwEBJKaNNWC56X_NtEoIhGlFfhM_CIvL90vqQfhYKzs81RHPUkMji6mciXirbXP0grx8L-GVLUg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0MEuaDV_mqZJaqDkuk3PKATZwEBJKaNNWC56X_NtEoIhGlFfhM_CIvL90vqQfhYKzs81RHPUkMji6mciXirbXP0grx8L-GVLUg&google_hm=Q0FFU0VDUzQ4NEhuckRyamcxVUVobW80bWVJ

Request Chain 150

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJGXAzmjKUSX4PLYBbCiXyA&google_cver=1&google_push=AavPq0Mlf2Lbd3QEepgeQveJwV_huUGVP2EnWyLG_aOpZ_v6JDtdKySzjkNMIYzIo7ELNbkj2998XHiLL5yA7Q4GKx5lUyAyCanCgCs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTU3MjE2MzU3MjI2NzE1Ng%3D%3D&google_push=AavPq0Mlf2Lbd3QEepgeQveJwV_huUGVP2EnWyLG_aOpZ_v6JDtdKySzjkNMIYzIo7ELNbkj2998XHiLL5yA7Q4GKx5lUyAyCanCgCs

Request Chain 151

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMODAUpgznfT-BkqOhWGE1A&google_cver=1&google_push=AavPq0P7OUiJmgACmK1lPBanW-V5h8GJ_2qC30D02oxTYEEkpWcfqiJ7MZ74hwIUO1WjLaDMhR7bSKv6HWTvXkoz6RPh2t0qhfc-of0 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hdPGnS-bT1iN1pUhtecxxw2&google_push=AavPq0P7OUiJmgACmK1lPBanW-V5h8GJ_2qC30D02oxTYEEkpWcfqiJ7MZ74hwIUO1WjLaDMhR7bSKv6HWTvXkoz6RPh2t0qhfc-of0

Request Chain 153

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA3VxWWh9dPfaiexRcTBPR4&google_cver=1&google_push=AavPq0MgVl0mbPsPIzaSuIjM1N9AY2VuTbWo0zaQjsGuhZeBGJS9L-XTz6mp5JtTI4RQE0F5TqzmdcNrm_qE9Valqkde1_fFVyPf13E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJYTTBHUUItMTktMTJQNw==&google_push=AavPq0MgVl0mbPsPIzaSuIjM1N9AY2VuTbWo0zaQjsGuhZeBGJS9L-XTz6mp5JtTI4RQE0F5TqzmdcNrm_qE9Valqkde1_fFVyPf13E

Request Chain 154

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA53lwXlW11N7SN9amOX3i4&google_cver=1&google_push=AavPq0NSox97QSPX6be5LQdms2pFdbL7Y_UH-CWiTWEnmxDY63nvwyXLcBWHp-4-yo1Ak8h-LqRf0376GLqK93cNhEO8MnNA1B8CwA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEA53lwXlW11N7SN9amOX3i4&google_push=AavPq0NSox97QSPX6be5LQdms2pFdbL7Y_UH-CWiTWEnmxDY63nvwyXLcBWHp-4-yo1Ak8h-LqRf0376GLqK93cNhEO8MnNA1B8CwA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA53lwXlW11N7SN9amOX3i4&google_hm=Y6L22Pt7X8cWQxEV8gw3zgAABLYAAAAB&google_nid=index&google_push=AavPq0NSox97QSPX6be5LQdms2pFdbL7Y_UH-CWiTWEnmxDY63nvwyXLcBWHp-4-yo1Ak8h-LqRf0376GLqK93cNhEO8MnNA1B8CwA

Request Chain 156

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 159

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDZzs7-BLOVEWauVraOjoC0&google_cver=1&google_push=AavPq0MET4ePsOAyPrrBp-rQlfymtKNWwOF5QZxkLrhpoeq2lHi7UP_EyCppm-ALG7FtCSRScmQUABEz3OdOK0Kn7E0tnpvtm6tVXwk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0MET4ePsOAyPrrBp-rQlfymtKNWwOF5QZxkLrhpoeq2lHi7UP_EyCppm-ALG7FtCSRScmQUABEz3OdOK0Kn7E0tnpvtm6tVXwk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDZzs7-BLOVEWauVraOjoC0&google_cver=1&google_push=AavPq0MET4ePsOAyPrrBp-rQlfymtKNWwOF5QZxkLrhpoeq2lHi7UP_EyCppm-ALG7FtCSRScmQUABEz3OdOK0Kn7E0tnpvtm6tVXwk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0MET4ePsOAyPrrBp-rQlfymtKNWwOF5QZxkLrhpoeq2lHi7UP_EyCppm-ALG7FtCSRScmQUABEz3OdOK0Kn7E0tnpvtm6tVXwk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 161

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAwh3LfCzYhX202v1IQ8szU&google_cver=1&google_push=AavPq0NANd4qjU1G9m1pDPJVW43M33MucbHoPW5PlBI_oJP8bIQSaUWuT75xwHOU33JkFgvzAFQe_-bDHTE7u7jAo3EEMbmlIGinGHk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NANd4qjU1G9m1pDPJVW43M33MucbHoPW5PlBI_oJP8bIQSaUWuT75xwHOU33JkFgvzAFQe_-bDHTE7u7jAo3EEMbmlIGinGHk&google_hm=eS1xYjRubVlaRTJwRjlqZmpPMmFfUzBPSnZVMm5uZXVZOH5B

Request Chain 162

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEXVTKBFukv2h4bReiL7Ko0&google_cver=1&google_push=AavPq0P5HB1qP-p5NftpU2iX6e4hGE8kNaqEhfNoETk4GuOtpZXAYyiVyesKxNT9KqffTa9cZktxhjf5VYKCZ45LzX3FlvCPasgR_w HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0P5HB1qP-p5NftpU2iX6e4hGE8kNaqEhfNoETk4GuOtpZXAYyiVyesKxNT9KqffTa9cZktxhjf5VYKCZ45LzX3FlvCPasgR_w&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1671624409058 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3610815c-0b01-4fe6-bc9b-8be0b9a63fc6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0P5HB1qP-p5NftpU2iX6e4hGE8kNaqEhfNoETk4GuOtpZXAYyiVyesKxNT9KqffTa9cZktxhjf5VYKCZ45LzX3FlvCPasgR_w%26google_hm%3DAzYQgVwLAU_mvJuL4LmmP8Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0P5HB1qP-p5NftpU2iX6e4hGE8kNaqEhfNoETk4GuOtpZXAYyiVyesKxNT9KqffTa9cZktxhjf5VYKCZ45LzX3FlvCPasgR_w&google_hm=AzYQgVwLAU_mvJuL4LmmP8Y

Request Chain 164

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEN31usPdU09ivfKQkYcMB-U&google_cver=1&google_push=AavPq0OrTzIRTg0cVxB3_0n7uzUlkPsDsNfloCxIvZ99ceprzsVBCurXkOYx27LqNNmdXZKkDNMx69LpeUcMWmdFw8bY9fNoewO7WcXN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OrTzIRTg0cVxB3_0n7uzUlkPsDsNfloCxIvZ99ceprzsVBCurXkOYx27LqNNmdXZKkDNMx69LpeUcMWmdFw8bY9fNoewO7WcXN HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 166

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 168

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENh_PtbhcnhtnTWvr4qwh6A&google_cver=1&google_push=AavPq0OwRgJkIyAQAUIZepqVeOXZOSyMRTd41mQjgQOOP6LUNfDJ_eyJlMAShXLwjJC-nxLDxFN_lxfM3EXx6ALA5_l8_dIIbmm2-HlYPBgaMQ6s9HkPVy3MYeXgcLEO389GkdO9M2J0W1f9YkA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENh_PtbhcnhtnTWvr4qwh6A&google_cver=1&google_push=AavPq0OwRgJkIyAQAUIZepqVeOXZOSyMRTd41mQjgQOOP6LUNfDJ_eyJlMAShXLwjJC-nxLDxFN_lxfM3EXx6ALA5_l8_dIIbmm2-HlYPBgaMQ6s9HkPVy3MYeXgcLEO389GkdO9M2J0W1f9YkA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QjRqbVlGbzQxUDdYUzE1&google_gid=CAESENh_PtbhcnhtnTWvr4qwh6A&google_cver=1&google_push=AavPq0OwRgJkIyAQAUIZepqVeOXZOSyMRTd41mQjgQOOP6LUNfDJ_eyJlMAShXLwjJC-nxLDxFN_lxfM3EXx6ALA5_l8_dIIbmm2-HlYPBgaMQ6s9HkPVy3MYeXgcLEO389GkdO9M2J0W1f9YkA

Request Chain 169

https://a.tribalfusion.com/i.match?p=b6&u=CAESEP4qH97CRQ8fsTImlTTHq-E&google_cver=1&google_push=AavPq0PnZ-XzK8lWhPeTMwQ70OfkDcjsyVbaa_2LhD9uO3-zBt4Mztb3cirOf5ilNxsAdv1EaidlZB9Hx_1FQv6HkuA2m2cUesW9wb_nyx-utOvKfBOwZZJ80P7fGWl5wd6tdyS5lnTdCoZjtNI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PnZ-XzK8lWhPeTMwQ70OfkDcjsyVbaa_2LhD9uO3-zBt4Mztb3cirOf5ilNxsAdv1EaidlZB9Hx_1FQv6HkuA2m2cUesW9wb_nyx-utOvKfBOwZZJ80P7fGWl5wd6tdyS5lnTdCoZjtNI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP4qH97CRQ8fsTImlTTHq-E&google_cver=1&google_push=AavPq0PnZ-XzK8lWhPeTMwQ70OfkDcjsyVbaa_2LhD9uO3-zBt4Mztb3cirOf5ilNxsAdv1EaidlZB9Hx_1FQv6HkuA2m2cUesW9wb_nyx-utOvKfBOwZZJ80P7fGWl5wd6tdyS5lnTdCoZjtNI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PnZ-XzK8lWhPeTMwQ70OfkDcjsyVbaa_2LhD9uO3-zBt4Mztb3cirOf5ilNxsAdv1EaidlZB9Hx_1FQv6HkuA2m2cUesW9wb_nyx-utOvKfBOwZZJ80P7fGWl5wd6tdyS5lnTdCoZjtNI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 170

https://um.simpli.fi/gp_match?google_gid=CAESEOW18UQ_urW3Op_QWIORavc&google_cver=1&google_push=AavPq0NyyTRLRbzQxIrKOkD2n7zWxegY88VW3gTBWnKRQ-dqgTvOeO0-PAzoTSC1JJuavFERWs6oNm5z7-gYukUrlGY6tSsK68arGbaKemKwtd4NupasN_kvkcLk0YQ8uDt-ZpFXhIaMxJFy6EQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A4056046EBAE4123A58060F1D7F7C4FB&google_push=AavPq0NyyTRLRbzQxIrKOkD2n7zWxegY88VW3gTBWnKRQ-dqgTvOeO0-PAzoTSC1JJuavFERWs6oNm5z7-gYukUrlGY6tSsK68arGbaKemKwtd4NupasN_kvkcLk0YQ8uDt-ZpFXhIaMxJFy6EQ

Request Chain 172

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEBRasNrMjMltzRdrtiOLtY&google_cver=1&google_push=AavPq0P4oxpcJ9vpA-HliyUCccAz5AK11lhfuD1srIgzcseJ0f4fNbZAKVJHQMOZkJ8-ZOgLQqNPcAruQu4-CY-SwSAgpgjgRaEYOUz0ukKMCgwko2tbYCoFARJwjNdvHrQjoNmplqSye-qz3g HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hdPGnS-bT1iN1pUhtecxxw2&google_push=AavPq0P4oxpcJ9vpA-HliyUCccAz5AK11lhfuD1srIgzcseJ0f4fNbZAKVJHQMOZkJ8-ZOgLQqNPcAruQu4-CY-SwSAgpgjgRaEYOUz0ukKMCgwko2tbYCoFARJwjNdvHrQjoNmplqSye-qz3g

Request Chain 173

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKm6uUsWqJiS50O1wRSLNNM&google_cver=1&google_push=AavPq0OQoqKGFhKNTMkqGpQi26rTg_GcLrWienRK6NX__LHoiYmrcdm_nuRxR9F80Ecidq82a4r9ZISRSmvdlojiPsRG3T6UuudwrMWk-KSSk4rbSLrqpdN3276vMLO2WLmyuoxckQJj1JUtig HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKm6uUsWqJiS50O1wRSLNNM&google_cver=1&google_push=AavPq0OQoqKGFhKNTMkqGpQi26rTg_GcLrWienRK6NX__LHoiYmrcdm_nuRxR9F80Ecidq82a4r9ZISRSmvdlojiPsRG3T6UuudwrMWk-KSSk4rbSLrqpdN3276vMLO2WLmyuoxckQJj1JUtig HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzc5OTczNjI3NjU3MTUyMTEzOA&google_push=AavPq0OQoqKGFhKNTMkqGpQi26rTg_GcLrWienRK6NX__LHoiYmrcdm_nuRxR9F80Ecidq82a4r9ZISRSmvdlojiPsRG3T6UuudwrMWk-KSSk4rbSLrqpdN3276vMLO2WLmyuoxckQJj1JUtig

Request Chain 198

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

Request Chain 208

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

206 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ngembassy.info/
Redirect Chain

http://ngembassy.org/
https://ngembassy.info/

38 KB
8 KB

1420ms
295ms

Document
text/html

103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: ccb415e54af1fbb92f30d06069c7b0d85cc0334380adf7986d67984535261802

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 7758
Content-Type: text/html; charset=UTF-8
Date: Wed, 21 Dec 2022 12:06:44 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
Vary: Accept-Encoding,User-Agent

Redirect headers

Connection: Keep-Alive
Content-Length: 231
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 21 Dec 2022 12:06:43 GMT
Keep-Alive: timeout=5, max=100
Location: https://ngembassy.info/
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips

GET
H/1.1 200
OK bootstrap.min.css
ngembassy.info/themes/default/assets/bootstrap/css/ 115 KB
19 KB 114ms
114ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/bootstrap/css/bootstrap.min.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 889087766998e260a22f5c5ccbc7f2e03b168c780bcd7a922b66581241a3ecad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Jun 2021 03:38:06 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1caa7-5c4d9d18a4380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19287

GET
H/1.1 200
OK font-awesome.css
ngembassy.info/themes/default/assets/font-awesome/css/ 32 KB
7 KB 116ms
114ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/font-awesome/css/font-awesome.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "7e3e-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6423

GET
H/1.1 200
OK select2.min.css
ngembassy.info/themes/default/assets/plugins/select2/ 15 KB
2 KB 230ms
111ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/select2/select2.min.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 6657a7d3ac4506ce3b0ca9234df4f63b6bff8e94e92f21f9d77921b166fc6925

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "3a3d-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1920

GET
H/1.1 200
OK _all-skins.min.css
ngembassy.info/themes/default/assets/dist/css/skins/ 41 KB
4 KB 321ms
107ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/css/skins/_all-skins.min.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 4736672260ab0cf94ad37de85f33a0c5aeb75d70320fc6480956680a1ef41f31

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "a554-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3301

GET
H2 200 ckeditor.js Show response
cdn.ckeditor.com/4.5.2/full/ 542 KB
161 KB 166ms
43ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ckeditor.com/4.5.2/full/ckeditor.js

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),

Reverse DNS

vip1.G-anycast1.cachefly.net

Software

CFS 0215 /

Resource Hash

89966b7626c91cec9320b8ce54ae79db5de05e602b578475fd748e0ea042c35d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:45 GMT
x-cf-tsc: 1671133114
x-content-type-options: nosniff
x-cf3: H
cf4ttl: 604800.000
content-encoding: gzip
x-cf1: 28810:fA.waw1:co:1663772073:cacheN.waw1-01:M
x-cf-reqid: 7c6f7bd0350b7d3550b3b48f5ad333bb
content-length: 164316
x-xss-protection: 1; mode=block
x-cf2: H
last-modified: Tue, 04 Aug 2015 13:14:26 GMT
server: CFS 0215
x-cff: B
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cf4age: 4424680
accept-ranges: bytes
x-cf-rand: 55.057
expires: Tue, 01 Nov 2022 14:23:59 GMT

GET
H/1.1 200
OK hover.css
ngembassy.info/themes/default/assets/dist/css/ 102 KB
7 KB 323ms
108ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/css/hover.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 685454498ab464c992327759a925959c1360d694f00f18f7fc951c7abd63c0a9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1971f-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7203

GET
H/1.1 200
OK custom.css
ngembassy.info/themes/default/assets/dist/css/ 40 KB
7 KB 327ms
110ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/css/custom.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: c6d209ce80af1a13e14a1d75f7311497df5f97de026bfa12295186dffdfdb1f5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Oct 2021 22:47:08 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "9fa1-5cf99b938b300-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7222

GET
H/1.1 200
OK jQuery-2.1.4.min.js Show response
ngembassy.info/themes/default/assets/plugins/jQuery/ 82 KB
29 KB 336ms
115ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/jQuery/jQuery-2.1.4.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "14979-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 29532

GET
H/1.1 200
OK jquery.inputmask.js Show response
ngembassy.info/themes/default/assets/plugins/input-mask/ 88 KB
16 KB 343ms
114ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/input-mask/jquery.inputmask.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a69d282071d6718929c2115e5220aeb7537c3affe7a04ee35ae814eac245574c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "161ab-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 15666

GET
H/1.1 200
OK jquery.inputmask.date.extensions.js Show response
ngembassy.info/themes/default/assets/plugins/input-mask/ 22 KB
3 KB 429ms
107ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/input-mask/jquery.inputmask.date.extensions.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 14e8ff6d39adcaf4db1b200db29915a4a00744f27fd10614ef6f49949f534edc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "591e-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2827

GET
H/1.1 200
OK jquery.inputmask.extensions.js Show response
ngembassy.info/themes/default/assets/plugins/input-mask/ 5 KB
2 KB 430ms
107ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/input-mask/jquery.inputmask.extensions.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a58091f89f887419568e3fb01d7af0345757db9c225040f1493a4238ad161b0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "14c3-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1197

GET
H/1.1 200
OK custom_css
ngembassy.info/ 24 KB
5 KB 434ms
214ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/custom_css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips / PHP/5.6.37
Resource Hash: 00eb6ce2456c0dd817a87b3e7f7934ddcd91a2b29f304d1cd98cf319b4a38306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.6.37
Vary: Accept-Encoding,User-Agent
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 4420
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 108ms
49ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6HX21LM9FM

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

733424e6ef37f9e0116ccb9fb7102ee52e38fd32121411d01a91c7c5b776e4e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77292
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 21 Dec 2022 12:06:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
49 KB 233ms
118ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0505bdac187042bc6464b2c20c1ca0a015ccb472bed41ab4aa7fde845a94be9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49901
x-xss-protection: 0
server: cafe
etag: 18288481413403241743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 12:06:45 GMT

GET
H/1.1 200
OK title_logo_embassy.png
ngembassy.info/uploads/ 2 KB
2 KB 200ms
110ms Image
image/png 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngembassy.info/uploads/title_logo_embassy.png
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a611eeac1a9d8bfd87c5a827d376f84dd2f9804dbe00dc445a26006cce941c8a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Last-Modified: Mon, 14 Dec 2020 00:42:02 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "800-5b661e9136a80"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2048

GET
H/1.1 200
OK bootstrap.min.js Show response
ngembassy.info/themes/default/assets/bootstrap/js/ 35 KB
10 KB 112ms
112ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/bootstrap/js/bootstrap.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 267a83092a5fd6ec5fb746bce12d440abd37f1d649c072f653e17d0c800eb647

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "8c6f-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9539

GET
H/1.1 200
OK select2.full.min.js Show response
ngembassy.info/themes/default/assets/plugins/select2/ 70 KB
20 KB 114ms
114ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/select2/select2.full.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 4b43924b55481613b8536446f4fe4ad13b80a63f265ba25830614555b08d68fc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "11604-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 20119

GET
H/1.1 200
OK moment.min.js Show response
ngembassy.info/themes/default/assets/plugins/daterangepicker/ 34 KB
12 KB 112ms
111ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/daterangepicker/moment.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 0a3bb1e382060c6999c26faac38aed7e3d6cc03f7376a9a36b881a7e5ba923ca

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "87b1-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 11869

GET
H/1.1 200
OK daterangepicker.js Show response
ngembassy.info/themes/default/assets/plugins/daterangepicker/ 52 KB
10 KB 111ms
109ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/daterangepicker/daterangepicker.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 9730fbde9ce805bcadb096de2dd86e0205dd5a87b3ab6b0433e65873d63d428c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "d1af-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9373

GET
H/1.1 200
OK bootstrap-timepicker.min.js Show response
ngembassy.info/themes/default/assets/plugins/timepicker/ 15 KB
4 KB 112ms
110ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/timepicker/bootstrap-timepicker.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: dc57a413d6bfd7f70b10453e990af4389e9e6f08c2b58aa30097d855e6260f52

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "3c5d-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3494

GET
H/1.1 200
OK icheck.min.js Show response
ngembassy.info/themes/default/assets/plugins/iCheck/ 4 KB
2 KB 114ms
112ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/iCheck/icheck.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "11a4-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2161

GET
H/1.1 200
OK jquery.slimscroll.min.js Show response
ngembassy.info/themes/default/assets/plugins/slimScroll/ 6 KB
2 KB 114ms
113ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/slimScroll/jquery.slimscroll.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: f7534a3e962da708c7b8a3b5f122669e4688a1c17f86e9fdb1b2684edca4f351

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1856-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2062

GET
H/1.1 200
OK fastclick.min.js Show response
ngembassy.info/themes/default/assets/plugins/fastclick/ 9 KB
3 KB 111ms
110ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/fastclick/fastclick.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 32c983a4b3b87d8f7eafa40840c8791351a593c869a3029d8b7356a8cf6d2a94

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "2248-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2831

GET
H/1.1 200
OK app.min.js Show response
ngembassy.info/themes/default/assets/dist/js/ 9 KB
3 KB 112ms
111ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/js/app.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a103c9f033863dc4bfd397f87a47fc652b7d6c8fb3278e2bdb0f30c963601d99

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "2402-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2863

GET
H/1.1 200
OK imagelightbox.js Show response
ngembassy.info/themes/default/assets/dist/js/ 9 KB
3 KB 115ms
114ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/js/imagelightbox.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 55a32cd3aa02ede12a27bff30307abee7970cbc2f0e3410ef14176d09a1db15e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "25d4-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2488

GET
H/1.1 200
OK custom_js Show response
ngembassy.info/ 16 KB
16 KB 189ms
189ms Script
text/style 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/custom_js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips / PHP/5.6.37
Resource Hash: b88e2b045e3c6cb809fe254fb2fc1828639ed5ef95ce4fba582da56a693efd9c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Dec 2022 12:06:45 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.6.37
Vary: User-Agent
Transfer-Encoding: chunked
Content-Type: text/style;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK cookieinfo.js Show response
ngembassy.info/scripts/ 7 KB
3 KB 112ms
111ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/scripts/cookieinfo.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: c16ce1c562a94558b9ef3c5047912c52b7d7864ba3198d39fafb8eaf87ccfa56

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Nov 2021 22:02:28 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1dc9-5d0daf6f12500-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2984

GET
H/1.1 200
OK fontawesome-webfont.woff2
ngembassy.info/themes/default/assets/font-awesome/fonts/ 63 KB
63 KB 202ms
111ms Font
font/woff2 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/themes/default/assets/font-awesome/css/font-awesome.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer: https://ngembassy.info/themes/default/assets/font-awesome/css/font-awesome.css
Origin: https://ngembassy.info
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:45 GMT
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "fbd0-56f6c65a4bf00"
Vary: User-Agent
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 64464

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 69ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6HX21LM9FM&gtm=2oebu0&_p=1318564456&cid=1195666794.1671624406&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671624405&sct=1&seg=0&dl=https%3A%2F%2Fngembassy.info%2F&dt=ngEmbassy%20%3A%20Integrated%20Information%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6HX21LM9FM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ngembassy.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
117 KB 106ms
105ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2910357982650786&plah=ngembassy.info&bust=31071168

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b83b35df3f793b6baf4d1ac5fade634bb1a9dae7532bf91842d9f7fcf1def5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119970
x-xss-protection: 0
server: cafe
etag: 5445258479544567939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 12:06:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame D3AB 10 KB
5 KB 88ms
25ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 10957
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 09:04:09 GMT
etag: 10353107486223812946
expires: Wed, 04 Jan 2023 09:04:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
700 B 343ms
35ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ngembassy.info&callback=_gfp_s_&client=ca-pub-2910357982650786&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2910357982650786&plah=ngembassy.info&bust=31071168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c784ab8201666c15d8623bcd62c5ca50db4df206744a44bc14e4bb05afc0210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 119ms
35ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 105ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3920 480 KB
86 KB 647ms
596ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&adk=1812271804&adf=3025194257&lmt=1671624406&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fngembassy.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624405932&bpp=8&bdt=768&idt=204&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=225882010196&frm=20&pv=2&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=226

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6699801ca1980cf2d479f40a56feb5c7c705272809e1cde4bcc6d1d6c34f690a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 88086
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 12:06:46 GMT
expires: Wed, 21 Dec 2022 12:06:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F952 95 KB
32 KB 847ms
805ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2213160196&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624405940&bpp=2&bdt=776&idt=225&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BjizKgkdHL&p=https%3A//ngembassy.info&dtd=228

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

745fac9a3aa1207923214812688a1142faf1815b0cd31e3dd1668fa22f3aa337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33146
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 12:06:46 GMT
expires: Wed, 21 Dec 2022 12:06:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 150 KB
51 KB 101ms
100ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js?bust=31071168

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3adccfa5b774913e80a67db5207766fa47dbaeac507a9a103d764f490525b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52346
x-xss-protection: 0
server: cafe
etag: 13511862495695049851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 12:06:46 GMT

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 83ms
33ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 85ms
35ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A6B7 100 KB
35 KB 633ms
632ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64f79775d7d3b686745c69773aafe73e69c16ec1514ba21b76886df78010474d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35778
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 12:06:47 GMT
expires: Wed, 21 Dec 2022 12:06:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BAF6 31 KB
12 KB 340ms
339ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NZLQeYeru8&p=https%3A//ngembassy.info&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733e4cb500204abc1519a76fbd8cae3fc21710d17d092820e7a00585a0441e0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12390
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 12:06:47 GMT
expires: Wed, 21 Dec 2022 12:06:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E6D0 31 KB
12 KB 437ms
435ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=1&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zvZdguj5ki&p=https%3A//ngembassy.info&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03b028ab20adf9f77486fd1e7d5df7ef02757d1d7585f58b170d7152e7c3b13a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12534
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 12:06:47 GMT
expires: Wed, 21 Dec 2022 12:06:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 38ms
38ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 42ms
42ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 44DD 10 KB
4 KB 25ms
25ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 65094
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 18:01:53 GMT
etag: 10353107486223812946
expires: Tue, 03 Jan 2023 18:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame D23E 10 KB
4 KB 34ms
34ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 65094
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 18:01:53 GMT
etag: 10353107486223812946
expires: Tue, 03 Jan 2023 18:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 129D 10 KB
4 KB 37ms
32ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 65094
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 18:01:53 GMT
etag: 10353107486223812946
expires: Tue, 03 Jan 2023 18:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame AAF4 10 KB
4 KB 49ms
44ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 65094
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 18:01:53 GMT
etag: 10353107486223812946
expires: Tue, 03 Jan 2023 18:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame F952 8 KB
1 KB 156ms
34ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2213160196&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624405940&bpp=2&bdt=776&idt=225&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BjizKgkdHL&p=https%3A//ngembassy.info&dtd=228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Dec 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 10:46:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Dec 2022 12:06:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F952 2 KB
818 B 291ms
110ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame F952 23 KB
10 KB 225ms
44ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F952 3 KB
1 KB 267ms
116ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F952 18 KB
7 KB 227ms
46ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F952 153 KB
47 KB 159ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 12:06:47 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame F952 34 KB
14 KB 116ms
25ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:52:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F952 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cfypl1vaiY-_FDqS9zAaEmLDoC7DkhIZu6YXhsLYQgezmzdkQEAEgyv7WhwFg-wGgAe-d_9soyAEJqQKmpurm4h97PqgDAcgDywSqBMcBT9D-IYB3N0cm4ytP0xAno-YXCy3SMRviyfxYrsjmnX4ZkrXRuamOjPBweYPjg4plA2eLScfVx1evclfuXoi6lnZNMxvMdJ_yTjz0-v8tnhv9FiSXjpNlISkkLqPZOMnEQL4vr1aYMl7ao3knozKJE6h1P_DFnCg6x2tp9VBtDInEMrsN1OScSpk1Ya4Xadwpr8kSFE5X4i-Fzyta8XWpg1JzxyzP_rLTNna7lYgmJ3QR2k03hTcCpwuHMQ_pJbabNCphXzV4VcAEj-3L1YEEkgUECAQYAZIFBAgFGASgBi6AB4TDz7sDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQxokC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFAXQFQGAFwGyFxwKGggAEhRwdWItMjkxMDM1Nzk4MjY1MDc4NhgA&sigh=giIGmr5Ime0&uach_m=[UACH]&cid=CAQSGwDq26N95jkInqthuwX_5TCE3m4pr31nRX2XpBgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2213160196&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624405940&bpp=2&bdt=776&idt=225&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BjizKgkdHL&p=https%3A//ngembassy.info&dtd=228
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Dec 2022 12:06:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Dec 2022 12:06:47 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 44DD 4 KB
709 B 99ms
35ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Dec 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 10:55:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Dec 2022 12:06:47 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 44DD 205 B
518 B 94ms
31ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 11:44:26 GMT
x-content-type-options: nosniff
age: 1341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 21 Dec 2023 11:44:26 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 44DD 604 B
695 B 94ms
32ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:59:24 GMT
x-content-type-options: nosniff
age: 32843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 21 Dec 2023 02:59:24 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 44DD 19 KB
8 KB 241ms
118ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:31 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10215125924165664287/ Frame F952 22 KB
23 KB 234ms
121ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10215125924165664287/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d505f4211d7f7d645c45c7857fbcc72be99b6536a79784eb4ee18cf482c429b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:29:13 GMT
x-content-type-options: nosniff
age: 556654
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23014
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 11:59:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Dec 2023 01:29:13 GMT

GET
DATA 200
OK truncated
/ Frame F952 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F952 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 287ade58ca7648339a3c29f8350d8ea7f8962509c89b31a9acb7b29c756c95f6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame D23E 6 KB
745 B 59ms
36ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Dec 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 10:12:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Dec 2022 12:06:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D23E 2 KB
799 B 190ms
113ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame D23E 23 KB
9 KB 139ms
64ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D23E 3 KB
1 KB 185ms
117ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D23E 18 KB
7 KB 164ms
96ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D23E 153 KB
47 KB 91ms
83ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 12:06:47 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame D23E 34 KB
14 KB 40ms
32ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:52:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 129D 6 KB
745 B 49ms
42ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Dec 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 10:50:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Dec 2022 12:06:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 129D 2 KB
799 B 163ms
118ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 129D 23 KB
9 KB 133ms
88ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 129D 3 KB
1 KB 161ms
116ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 129D 18 KB
7 KB 151ms
107ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 129D 153 KB
47 KB 113ms
69ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 12:06:47 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 129D 34 KB
14 KB 168ms
49ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:52:04 GMT

GET
H3 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame AAF4 9 KB
4 KB 146ms
30ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:28:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 07:28:38 GMT

GET
H3 200 890d6e0a5dc19f9d14ccf82aa8feec6a.js Show response
www.gstatic.com/mysidia/ Frame AAF4 10 KB
4 KB 147ms
30ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/890d6e0a5dc19f9d14ccf82aa8feec6a.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 18:17:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 18 Mar 2023 18:17:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AAF4 8 KB
968 B 82ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Dec 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 11:11:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Dec 2022 12:06:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AAF4 2 KB
799 B 155ms
113ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame AAF4 23 KB
9 KB 117ms
77ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AAF4 3 KB
1 KB 155ms
114ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AAF4 18 KB
7 KB 123ms
83ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AAF4 153 KB
47 KB 121ms
81ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 12:06:47 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame AAF4 34 KB
14 KB 145ms
31ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:52:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4A7B 8 KB
895 B 127ms
38ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Dec 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 10:53:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Dec 2022 12:06:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4A7B 2 KB
799 B 132ms
129ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 4A7B 23 KB
9 KB 129ms
126ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4A7B 3 KB
1 KB 133ms
129ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4A7B 18 KB
7 KB 131ms
128ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A7B 153 KB
47 KB 149ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 12:06:47 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 4A7B 34 KB
14 KB 118ms
52ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:52:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3E93 0
0 98ms
70ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRIQQ1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwAFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVeVEemwuY2gnX3cyenBdWYxpugQDxNumXg373gjY0h-AvVcRO2OOABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjkxMDM1Nzk4MjY1MDc4NhgA&sigh=VN9lFguvofA&uach_m=[UACH]&cid=CAQSOwDq26N93V8WB3dC1qkE4_XbI4HxPcepPzZYUNOsg1CHQYgWMoZfXwinX9O5IeoxuCnQlN6d9K6i1ifCGAEgEw

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NZLQeYeru8&p=https%3A//ngembassy.info&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Dec 2022 12:06:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 3E93 0
0 530ms
31ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hyfhg0zbj22ht94zz41yb0ps4jt2ed1pk3h1593dw850jr5ym8zdc3f5tg42xygcsa6k5kg75t411fa6tv88jnmcyj87jexwckknqcvp5wvzkssmgm7zamm5cmkwtv0xdcztjyp8tn9r2g63pr8ekpgjy014wjbswvdbf1vq6s9arf177qr5x9347xr0ptbevsnf45mgwrphdbd6f4trkd8yh1k027pehvpxk9brkwmd8fb1azkahc89bnsqyvczbw407qktgqwcj5n6e59xc7zkm04nmxts61c6hrrjnnnr05v0y5007ca0nwxg747taamnfmn8fgp24c3fyn5e1dyvvpara3frj5znhdnerycmetcqj1a3br5jb7z94vddddwza78fm&b=Y6L21gAOkTsKss7PAADI8flocT5RsmzpFjxQ8Q
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Dec 2022 12:06:47 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 5D79 2 KB
3 KB 155ms
50ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gmbxn7a67kn2saqgbcgz903tf2fgdg9jddk3cpwjhnh603jx0agaycveyzgfg91x0rstdhnn2ghgq89jbc9740qh1vby78eb5fcqhqb10t8jer3k5rwja946bnv8r8r8a82ejxkc52r6ey2z843cdxczvk3091s7wpr626027mpr3c58dhh4h2adws3s9rjj9g4kk6zmezz8m8pe8nxhcn6k57a5zbgssn8t525r482cw40m5qdexvwgtjsjdx1bp0bh0kz0n280k7vc2mg11pe3x7wxp8td6vh1aqf0d281qv6jqw84kyq55qg2xxb74b8qmx4eh0zaap5zaeeaxc242hqxtww9861q74cyacq3fr1k3w9cbrewr1xb2qcdc745cq8vnap53qpvc6gbjppvbvs1e4vs85tqmp03ywyyh82cz2pxwr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%26client%3Dca-pub-2910357982650786%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NZLQeYeru8&p=https%3A//ngembassy.info&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49d6395dafa4c3ab60f2caab2b5e969f65da69e9000136063371ca9c229c80e4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77d07e655dc999fa-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 12:06:47 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3E93 3 KB
1 KB 365ms
38ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 62F2 1 KB
643 B 98ms
53ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 16724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Thu, 22 Dec 2022 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3E93 18 KB
7 KB 363ms
36ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3E93 0
0 551ms
36ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQEMkuSuOs1RKXeeWoYmPLmgq80oWl8g4BuKRf__px8P2X857v10EdRbJTvC6tZIqj1JSCy20S-X_DjNmCwtJvMv3fP3g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NZLQeYeru8&p=https%3A//ngembassy.info&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E93 153 KB
47 KB 81ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 12:06:47 GMT

GET
DATA 200
OK truncated
/ Frame F952 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad66e2d19f1d38994be226e5f1ce36cb3b366370fd36f5be004f8727454bf8ab

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F02 143 B
166 B 86ms
48ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 11:45:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AAF4 0
0 74ms
69ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cqifq1vaiY6C1D9OOygX1167IDO2xg4du8KSw67EQloLNhYgWEAEgyv7WhwFg-wGgAe-d_9soyAEBqQKmpurm4h97PqgDAaoEzQFP0NY7NRWIQ2aPGpIEbTgf0PcWZj3iFz2ruGuKLWtSiuJS1GUOOmK3hT1KD46-ZR8S_Uk_L0jLED0zzQ3YDpCmyUs3np2AG9x9EIDx3tbGPzKQm0pwWzMnON_C58_UDd4uoSE6G6Fz4jX_IbBeD_MdgIKWvsAGlhO64AG9pxZ33Yuk_6rKqlOvSfq0D2RZ5Z0wTo0z0LNxvUik7i-3HMTLASAIV_4mnVjqnd04Fs7-udDibGfJOipVaHkGDuZUtllNdbLmn-Bgh6yRqyhqwASFnaWx-wOSBQQIBBgBkgUECAUYBIAHxZb3uwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCZ1AHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUBNAVAYAXAbIXHAoaCAASFHB1Yi0yOTEwMzU3OTgyNjUwNzg2GAA&sigh=VZVm5snM5js&uach_m=[UACH]&cid=CAQSGwDq26N9cAGlA1TTM6c9AwRQJgpHn1usczQECBgBIBM&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Dec 2022 12:06:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8AF0 143 B
166 B 84ms
48ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 11:45:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame F952 28 KB
28 KB 247ms
28ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 484266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 21:35:41 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/1879635912292616092/ Frame 129D 22 KB
22 KB 255ms
67ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1879635912292616092/2076313506083323656

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a362825819748d4f6fb35d34163930860d448b2f23e0860b7d4ba42636a710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 13:22:31 GMT
x-content-type-options: nosniff
age: 81856
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22290
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 07:27:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Dec 2023 13:22:31 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/2994018792370112078/ Frame 129D 2 KB
2 KB 250ms
62ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2994018792370112078/14763004658117789537?w=100&h=100

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9f4fd72e7f700a29c813e03b8bd94d77385cb2ce3d22e8c64a0ed6351e34be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:12:25 GMT
x-content-type-options: nosniff
age: 176062
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1888
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 11:58:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Dec 2023 11:12:25 GMT

GET
DATA 200
OK truncated
/ Frame 129D 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 129D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5023f4a83c16faddcebcd52253db66b33cbc2e1d52734ab9e144341481b6f8f4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/155209160920803662/ Frame D23E 28 KB
28 KB 258ms
94ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/155209160920803662/2076313506083323656

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed095d981ae69ec26e3c306723923c728404e3430b22f02a8cdf9aa84810acb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 04:39:05 GMT
x-content-type-options: nosniff
age: 26862
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28866
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 07:10:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Dec 2023 04:39:05 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12897371030609539648/ Frame D23E 2 KB
2 KB 229ms
65ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12897371030609539648/14763004658117789537?w=100&h=100

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9f4fd72e7f700a29c813e03b8bd94d77385cb2ce3d22e8c64a0ed6351e34be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 02:31:52 GMT
x-content-type-options: nosniff
age: 207295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 06:26:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Dec 2023 02:31:52 GMT

GET
DATA 200
OK truncated
/ Frame D23E 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D23E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56f34b43fb8336e4ed54bb9c8c44779ba971aeecd30552ccb65ac3cb7bb21dab

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 43F9 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 20:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 20:49:24 GMT

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame AE92 36 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 20:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 20:49:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D23E 0
17 B 67ms
67ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHE2o1vaiY561D9OOygX1167IDPWzg4dumOz-yOoPloLNhYgWEAEgyv7WhwFg-wGgAe-d_9soyAEJqQKmpurm4h97PqgDAcgDywSqBMwBT9BwTTJtjzlwrm_HNRHo955pPNF4Jxr_EGQm_FSiX71TOpU2sj3xzFKDkVKv2M1CX8kaoSjAaHkBtSmQdrswSR1vrDNh9Oj0xDGboAvQEpuJV7grmvty-Amk2jKOiswERL8jc9zXuyB1jrUgpwfcScO-T5bJnWgUIHT3RTyGhuvKEt4T6v3tapkvjtgy7J83VLG0MPnLHn1xf2egvgLfktvVNoCtmJqijhtl9tlX0XfW3fLQXKqWoRc7XXfNvyXM_p6Xf65s0QKVsldmwASdpeGrgQSSBQQIBBgBkgUECAUYBKAGLoAHmoT9uwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxCRftIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDIgUBdAVAYAXAbIXHAoaCAASFHB1Yi0yOTEwMzU3OTgyNjUwNzg2GAA&sigh=_WupUNntpps&uach_m=[UACH]&cid=CAQSGwDq26N9cAGlA1TTM6c9AwRQJgpHn1usczQECBgBIBM&template_id=484&vis=1

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Dec 2022 12:06:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 129D 0
17 B 70ms
68ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWiJi1vaiY5-1D9OOygX1167IDKCw6IZuxqLAjowQiIj12tYBEAEgyv7WhwFg-wGgAe-d_9soyAEJqQKmpurm4h97PqgDAcgDywSqBMwBT9D8Hu8K0lOk1bQv0SbJCGIz-AqtDAt84Mnsn1sJWXrOOY4ij6jWQSo_2G-eRu8zvINtNuQnm1_y46TW4q27AB5StzYeKUNnRjKAMmOfTQ1Hg_tuLhghF1Okog_XxDeiznQnm8J6sseucxS8N64GbwdI9_DbTQ_L7slB8ynExKWK5rHZ2FC_HW9ZaqFuONVZS1VaZs2_LYjjQUtAGSNyWGB9GnnJlE87NUNKDy-EPty5HsthBs5GSsNLImU1NMzdXC1MZEPlM4gwicBkwASW1OLHjwSSBQQIBBgBkgUECAUYBKAGLoAHqYT9uwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD7pAHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwyIFATQFQGAFwGyFxwKGggAEhRwdWItMjkxMDM1Nzk4MjY1MDc4NhgA&sigh=0I7JkHWELQk&uach_m=[UACH]&cid=CAQSGwDq26N9cAGlA1TTM6c9AwRQJgpHn1usczQECBgBIBM&template_id=484&vis=1

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Dec 2022 12:06:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame A6B7 8 KB
895 B 42ms
41ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Dec 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 10:46:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Dec 2022 12:06:47 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A6B7 2 KB
765 B 73ms
51ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame A6B7 23 KB
9 KB 73ms
52ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A6B7 3 KB
1 KB 116ms
94ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A6B7 18 KB
7 KB 80ms
59ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A6B7 0
0 350ms
33ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSoWH8TvWookzSp1wsJL-WUu7yctKE95i5DectvNFEV3JCE0HW1pbV39aMyfBiFEq5dHY8wSSL27dX321S_6wv2P-e3ew
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6B7 153 KB
47 KB 86ms
64ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 12:06:47 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame A6B7 34 KB
14 KB 52ms
32ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:52:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7C75 0
0 73ms
73ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4JeK1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMABT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM815QMHTTbJPqq6SImHeHBBxL8AA_LE3tsNXHETxllt6_pCNFw7agAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI5MTAzNTc5ODI2NTA3ODYYAA&sigh=upv5wpobaBs&uach_m=[UACH]&cid=CAQSOwDq26N9809IoyoML8kduDXIzYIuShackvh5N6Wcux0WGcxd0aZCY6ECo18Gwm1xgDFmid3zD_eEoHy6GAEgEw

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=1&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zvZdguj5ki&p=https%3A//ngembassy.info&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Dec 2022 12:06:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 7C75 0
0 81ms
32ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hm4s2hk3mtgdss2ve6dwnzfx70d9madpm77x37j11evcnm4y2w87dyzd75n1edj43mamwcentxrby6knzye2h8gx2c7q5cj7n4yp1hm5v10kfwpar90xzmx06jdnptv56x9k7detbe86n8e0bcjgcdk7sbaf1txrqwnmp12f7wyh6fk310b9v5vxpaf233nghgdvwd6xfh40fxn3k18zx8y89g1wm32w0n48mvw0r6g81y0m4yc8k7dnheh2afz3qzmz1y9trbygw3spsskr9v8m5adhr9xr4ab86gfb6wzzs21ws9xpt8094xt5dg1x4671z96yqycvgan1cq68vqg74t2fj0w293c9f9fgykezwggpyvc9tk5m4gec2qg58tq4sq5fg&b=Y6L21gAOkCsKsooBAA3azmWyuzjusWte1Y8Xyg
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Dec 2022 12:06:47 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 7EA5 2 KB
1 KB 91ms
52ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h2yr9x6fkgdep0jy3h2brn52ghcprp97e1xcdnsg8g4ap1nbwhtk6cne2qtzf5f1c1xvr4n5kpzv94vff9srdnm57e1tzrpdwva02w27ecra70aj0g5ajamyx6bpmbm1tqr1rkyzaccym4q1xp2m5trqej3y7g6aarc4h3r7bwa2j15f2pbrnb8qcf06gsbakpa5nz9p5z8c88z8p9x2qsc1bm7evzq3hmberjqv3pgk86rnz22801yx30dc9r32gvccj31dr3gcs4ffcm5t8gk8egywwhycwx717699s4vzx6h0d1c63ta73hbhwrfvb9t2172n6dwrx7pwvnrxnck2dccnp5wnht33xt5mjgherhy2nzhz3pp19x2ey327p70f4b0nepk4xpgbtmr9rjzhrjjzxzakq8v6z25w3me0k246nwag28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%26client%3Dca-pub-2910357982650786%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=1&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zvZdguj5ki&p=https%3A//ngembassy.info&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c3bbc287351498e006c137a73fbc38ffaee30c4097f953341dda1265864ed4c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77d07e656dcd99fa-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 12:06:47 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7C75 3 KB
1 KB 128ms
110ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=1&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zvZdguj5ki&p=https%3A//ngembassy.info&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F3B4 1 KB
643 B 76ms
38ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=1&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zvZdguj5ki&p=https%3A//ngembassy.info&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 16724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Thu, 22 Dec 2022 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7C75 18 KB
7 KB 99ms
71ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=1&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zvZdguj5ki&p=https%3A//ngembassy.info&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 01:38:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7C75 0
0 69ms
33ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR2zZJnTsYV15pMU_xt2nAIkIyjMlgTC_Hj5dWgQic0HMdCgubHQ7mFZwhInIdWD-tgKBPEbtcatqng-SfbmSMpYkJG2g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=1&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zvZdguj5ki&p=https%3A//ngembassy.info&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C75 153 KB
47 KB 80ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=1&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zvZdguj5ki&p=https%3A//ngembassy.info&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 12:06:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A6B7 0
0 91ms
72ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYNwp1vaiY6roOMLbzQaAxoU49bODh26Y7P7I6g-Wgs2FiBYQASDK_taHAWD7AaAB753_2yjIAQmpAqam6ubiH3s-qAMByAPLBKoEzQFP0JzN4iOHKchJuWaA32mPggLjQcArk6lUlRqeALd8uIgo_A_AJW0sk4LbgAtrB6h1NkUa5Tm1tkErnmsw8TA0YDYo09_KhohpgAnSMfuOuay6NX6numoygayTLGuLPGnBgMlxPslhraJ7Jb6CW3KAUav7i6ybz_mDFM3qMZJ6LjqGrHOYGJMzKf0QDe32rOPvVTlNW1JfoIa_0HBhV7xWOPv0R0sqUJcEeUCu7KOIP1cHd-KUKHb13FKTyrF_y8G8quDYezqR3RG-e5IMwASdpeGrgQSSBQQIBBgBkgUECAUYBKAGLoAHmoT9uwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDoONIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQF0BUBgBcBshccChoIABIUcHViLTI5MTAzNTc5ODI2NTA3ODYYAA&sigh=viDBCvwPWTo&uach_m=[UACH]&cid=CAQSOwDq26N9DwxbEv3a7ZlPJwMYohgBY_rxrh_09YY6w7aeCc4S_KEvpJMrL5DsKfdvTCNcT5eZ_CfKrafUGAEgEw&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Dec 2022 12:06:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/155209160920803662/ Frame A6B7 20 KB
20 KB 90ms
71ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/155209160920803662/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b77da7e870a0480176c4915ff1ca72f8ba3957abcf34ed4b8239c9de0ffcd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 09:09:27 GMT
x-content-type-options: nosniff
age: 183440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20635
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 06:26:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Dec 2023 09:09:27 GMT

GET
DATA 200
OK truncated
/ Frame A6B7 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A6B7 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 287ade58ca7648339a3c29f8350d8ea7f8962509c89b31a9acb7b29c756c95f6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3E93 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4dca1bbcb59b4350f62649a56a672f8a392676904cc7d7e50ac5027a4667db8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 52DC 36 KB
16 KB 44ms
44ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 20:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 20:49:24 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D465 1 KB
643 B 45ms
41ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 16725
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Thu, 22 Dec 2022 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 5D79 89 KB
12 KB 73ms
35ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gmbxn7a67kn2saqgbcgz903tf2fgdg9jddk3cpwjhnh603jx0agaycveyzgfg91x0rstdhnn2ghgq89jbc9740qh1vby78eb5fcqhqb10t8jer3k5rwja946bnv8r8r8a82ejxkc52r6ey2z843cdxczvk3091s7wpr626027mpr3c58dhh4h2adws3s9rjj9g4kk6zmezz8m8pe8nxhcn6k57a5zbgssn8t525r482cw40m5qdexvwgtjsjdx1bp0bh0kz0n280k7vc2mg11pe3x7wxp8td6vh1aqf0d281qv6jqw84kyq55qg2xxb74b8qmx4eh0zaap5zaeeaxc242hqxtww9861q74cyacq3fr1k3w9cbrewr1xb2qcdc745cq8vnap53qpvc6gbjppvbvs1e4vs85tqmp03ywyyh82cz2pxwr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%26client%3Dca-pub-2910357982650786%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gmbxn7a67kn2saqgbcgz903tf2fgdg9jddk3cpwjhnh603jx0agaycveyzgfg91x0rstdhnn2ghgq89jbc9740qh1vby78eb5fcqhqb10t8jer3k5rwja946bnv8r8r8a82ejxkc52r6ey2z843cdxczvk3091s7wpr626027mpr3c58dhh4h2adws3s9rjj9g4kk6zmezz8m8pe8nxhcn6k57a5zbgssn8t525r482cw40m5qdexvwgtjsjdx1bp0bh0kz0n280k7vc2mg11pe3x7wxp8td6vh1aqf0d281qv6jqw84kyq55qg2xxb74b8qmx4eh0zaap5zaeeaxc242hqxtww9861q74cyacq3fr1k3w9cbrewr1xb2qcdc745cq8vnap53qpvc6gbjppvbvs1e4vs85tqmp03ywyyh82cz2pxwr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%26client%3Dca-pub-2910357982650786%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 688773
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKSU1lek59zHqvknHPwpnQjREB3zWiZ80Ar1wo2WRVlfU%2B1C%2FuxWfg47Q5AwjJVXbX%2B3ZsQKCDXuihV9Q0YYTduFpTfZ0C2l94B76kVsuvWXq0I%2B2ugaBTLxQg3lh89kwUu%2B1kj6THQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77d07e676f6b153a-CDG
expires: Wed, 21 Dec 2022 13:06:48 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 5D79 35 KB
12 KB 50ms
35ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gmbxn7a67kn2saqgbcgz903tf2fgdg9jddk3cpwjhnh603jx0agaycveyzgfg91x0rstdhnn2ghgq89jbc9740qh1vby78eb5fcqhqb10t8jer3k5rwja946bnv8r8r8a82ejxkc52r6ey2z843cdxczvk3091s7wpr626027mpr3c58dhh4h2adws3s9rjj9g4kk6zmezz8m8pe8nxhcn6k57a5zbgssn8t525r482cw40m5qdexvwgtjsjdx1bp0bh0kz0n280k7vc2mg11pe3x7wxp8td6vh1aqf0d281qv6jqw84kyq55qg2xxb74b8qmx4eh0zaap5zaeeaxc242hqxtww9861q74cyacq3fr1k3w9cbrewr1xb2qcdc745cq8vnap53qpvc6gbjppvbvs1e4vs85tqmp03ywyyh82cz2pxwr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%26client%3Dca-pub-2910357982650786%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107308
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iH0aoufK0sK2I6H2otBbCZDldiVeVQp196MS77vinIrIe%2FVpKhtJFQDziNbyqQMwAeADgzcgvDPJDt%2FN8zIIoJ%2BVJnY9pQhmlL1zLYyvmXDYNjdlNJbQl6BdCErRd%2BMpQuMYJXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 77d07e6748eb99fa-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 06:18:10 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 7EA5 89 KB
12 KB 99ms
71ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h2yr9x6fkgdep0jy3h2brn52ghcprp97e1xcdnsg8g4ap1nbwhtk6cne2qtzf5f1c1xvr4n5kpzv94vff9srdnm57e1tzrpdwva02w27ecra70aj0g5ajamyx6bpmbm1tqr1rkyzaccym4q1xp2m5trqej3y7g6aarc4h3r7bwa2j15f2pbrnb8qcf06gsbakpa5nz9p5z8c88z8p9x2qsc1bm7evzq3hmberjqv3pgk86rnz22801yx30dc9r32gvccj31dr3gcs4ffcm5t8gk8egywwhycwx717699s4vzx6h0d1c63ta73hbhwrfvb9t2172n6dwrx7pwvnrxnck2dccnp5wnht33xt5mjgherhy2nzhz3pp19x2ey327p70f4b0nepk4xpgbtmr9rjzhrjjzxzakq8v6z25w3me0k246nwag28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%26client%3Dca-pub-2910357982650786%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h2yr9x6fkgdep0jy3h2brn52ghcprp97e1xcdnsg8g4ap1nbwhtk6cne2qtzf5f1c1xvr4n5kpzv94vff9srdnm57e1tzrpdwva02w27ecra70aj0g5ajamyx6bpmbm1tqr1rkyzaccym4q1xp2m5trqej3y7g6aarc4h3r7bwa2j15f2pbrnb8qcf06gsbakpa5nz9p5z8c88z8p9x2qsc1bm7evzq3hmberjqv3pgk86rnz22801yx30dc9r32gvccj31dr3gcs4ffcm5t8gk8egywwhycwx717699s4vzx6h0d1c63ta73hbhwrfvb9t2172n6dwrx7pwvnrxnck2dccnp5wnht33xt5mjgherhy2nzhz3pp19x2ey327p70f4b0nepk4xpgbtmr9rjzhrjjzxzakq8v6z25w3me0k246nwag28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%26client%3Dca-pub-2910357982650786%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 688773
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYM9iQ6B%2B%2BwzYznrSp2nk6rCEabPSLYRWloJ1UXQTF10rbLCNOKt5uwpZW3TQZ83TLQ76hA2wA3HmS7%2B4S%2F2A0An3AmzhlhftZHmRtfiyLvIDItazzeoLIoCRGi%2Fp%2BhMy4wa%2FOQTX%2Bk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77d07e676f6a153a-CDG
expires: Wed, 21 Dec 2022 13:06:48 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 7EA5 35 KB
12 KB 38ms
32ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h2yr9x6fkgdep0jy3h2brn52ghcprp97e1xcdnsg8g4ap1nbwhtk6cne2qtzf5f1c1xvr4n5kpzv94vff9srdnm57e1tzrpdwva02w27ecra70aj0g5ajamyx6bpmbm1tqr1rkyzaccym4q1xp2m5trqej3y7g6aarc4h3r7bwa2j15f2pbrnb8qcf06gsbakpa5nz9p5z8c88z8p9x2qsc1bm7evzq3hmberjqv3pgk86rnz22801yx30dc9r32gvccj31dr3gcs4ffcm5t8gk8egywwhycwx717699s4vzx6h0d1c63ta73hbhwrfvb9t2172n6dwrx7pwvnrxnck2dccnp5wnht33xt5mjgherhy2nzhz3pp19x2ey327p70f4b0nepk4xpgbtmr9rjzhrjjzxzakq8v6z25w3me0k246nwag28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%26client%3Dca-pub-2910357982650786%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107308
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKawvRaFUgNPnpbDpQ5P9vXiSDJaHmAC%2BhM94hMyxmScN8SwNrXI1PZ9oZGA07BLOVjIrf7bmViGL6wVBFeceK4jkQxohx2uoHOM2fEnF7SjkrQTIQ82kHHzDv49Sp3%2FPHDj3tU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 77d07e6748ec99fa-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 06:18:10 GMT

GET
DATA 200
OK truncated
/ Frame 7C75 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60c164424abde358e938029a68de77e36b320e8833b64cd83a97ce0cad65322f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A6B7 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47bca8f26cf489a5d8e508b0ff24a9e58fe3eb2366c21524ac80c0dcb6a7811c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62F2
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOWrhay8vX6V099UkEs8R48&google_push=AavPq0OPM-W4G1tUkgdz5EB6TwZK14ROD102Yk3MKGV7g3eogkWqv8PcXq...

170 B
188 B

200ms
94ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOWrhay8vX6V099UkEs8R48&google_push=AavPq0OPM-W4G1tUkgdz5EB6TwZK14ROD102Yk3MKGV7g3eogkWqv8PcXqky6Igq4rWbTTG7Hlk4iWsf7yHBrP1au-Z3mzBXZlm9vbw

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-cdg20764-CDG
pragma: no-cache
date: Wed, 21 Dec 2022 12:06:48 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1671624409.765494,VS0,VE79
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOWrhay8vX6V099UkEs8R48&google_push=AavPq0OPM-W4G1tUkgdz5EB6TwZK14ROD102Yk3MKGV7g3eogkWqv8PcXqky6Igq4rWbTTG7Hlk4iWsf7yHBrP1au-Z3mzBXZlm9vbw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62F2
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESECS484HnrDrjg1UEhmo4meI&google_cver=1&google_push=AavPq0MEuaDV_mqZJaqDkuk3PKATZwEBJKaNNWC56X_NtEoIhGlFfhM_CIvL90vqQfhYKzs81RHPUkMji6mciXirbXP0grx8L-GVLUg
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0MEuaDV_mqZJaqDkuk3PKATZwEBJKaNNWC56X_NtEoIhGlFfhM_CIvL90vqQfhYKzs81RHPUkMji6mciXirbXP0grx8L-GVLUg&google_hm=Q0FFU0VDUzQ4NEhuck...

170 B
188 B

279ms
92ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0MEuaDV_mqZJaqDkuk3PKATZwEBJKaNNWC56X_NtEoIhGlFfhM_CIvL90vqQfhYKzs81RHPUkMji6mciXirbXP0grx8L-GVLUg&google_hm=Q0FFU0VDUzQ4NEhuckRyamcxVUVobW80bWVJ

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Dec 2022 12:06:47 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0MEuaDV_mqZJaqDkuk3PKATZwEBJKaNNWC56X_NtEoIhGlFfhM_CIvL90vqQfhYKzs81RHPUkMji6mciXirbXP0grx8L-GVLUg&google_hm=Q0FFU0VDUzQ4NEhuckRyamcxVUVobW80bWVJ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 62F2
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJGXAzmjKUSX4PLYBbCiXyA&google_cver=1&google_push=AavPq0Mlf2Lbd3QEepgeQveJwV_huUGVP2EnWyLG_aOpZ_v6JDtdKySzjkNMIYzIo7ELNbkj2998XHiLL5yA7Q...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTU3MjE2MzU3MjI2NzE1Ng%3D%3D&google_push=AavPq0Mlf2Lbd3QEepgeQveJwV_huUGVP2EnWyLG_aOpZ_v6JDtdKySzjkNMIYzIo7ELNbkj2998XHiLL5yA7Q4GKx...

170 B
232 B

67ms
66ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTU3MjE2MzU3MjI2NzE1Ng%3D%3D&google_push=AavPq0Mlf2Lbd3QEepgeQveJwV_huUGVP2EnWyLG_aOpZ_v6JDtdKySzjkNMIYzIo7ELNbkj2998XHiLL5yA7Q4GKx5lUyAyCanCgCs

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTU3MjE2MzU3MjI2NzE1Ng%3D%3D&google_push=AavPq0Mlf2Lbd3QEepgeQveJwV_huUGVP2EnWyLG_aOpZ_v6JDtdKySzjkNMIYzIo7ELNbkj2998XHiLL5yA7Q4GKx5lUyAyCanCgCs
Date: Wed, 21 Dec 2022 12:06:48 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 62F2
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMODAUpgznfT-BkqOhWGE1A&google_cver=1&google_push=AavPq0P7OUiJmgACmK1lPBanW-V5h8GJ_2qC30D02oxTYEEkpWcfqiJ7MZ74hwIUO1WjLaDMhR7bSKv6HWTvXkoz...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hdPGnS-bT1iN1pUhtecxxw2&google_push=AavPq0P7OUiJmgACmK1lPBanW-V5h8GJ_2qC30D02oxTYEEkpWcfqiJ7MZ74hwIUO1WjLaDMhR7bSKv6HWTvXkoz6RPh2t0qhfc-of0

170 B
329 B

131ms
45ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hdPGnS-bT1iN1pUhtecxxw2&google_push=AavPq0P7OUiJmgACmK1lPBanW-V5h8GJ_2qC30D02oxTYEEkpWcfqiJ7MZ74hwIUO1WjLaDMhR7bSKv6HWTvXkoz6RPh2t0qhfc-of0

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Dec 2022 12:06:48 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hdPGnS-bT1iN1pUhtecxxw2&google_push=AavPq0P7OUiJmgACmK1lPBanW-V5h8GJ_2qC30D02oxTYEEkpWcfqiJ7MZ74hwIUO1WjLaDMhR7bSKv6HWTvXkoz6RPh2t0qhfc-of0
x-host: tde-deliveryengine-production-769c9db745-7tbbj
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 google
d5p.de17a.com/cookies/ Frame 62F2 35 B
125 B 419ms
67ms Image
image/gif 213.155.156.181
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d5p.de17a.com/cookies/google?google_gid=CAESEGAQn22zeppkTEL9b_DKVpQ&google_cver=1&google_push=AavPq0M_d_aiFT91wj-58e7YUVeK4CPFg0pEF4pIxAcSuxJAJFCSXbkGoVWFKhZvMHuhvqAEMI17AawMOWJcDZlssLJ5_GSoVxN7wiY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NZLQeYeru8&p=https%3A//ngembassy.info&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.181 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: 213-155-156-181.teliacarrier-cust.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
content-length: 35
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62F2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA3VxWWh9dPfaiexRcTBPR4&google_cver=1&google_push=AavPq0MgVl0mbPsPIzaSuIjM1N9AY2VuTbWo0zaQjsGuhZeBGJS9L-XTz6mp5JtTI4RQE0F5Tqz...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJYTTBHUUItMTktMTJQNw==&google_push=AavPq0MgVl0mbPsPIzaSuIjM1N9AY2VuTbWo0zaQjsGuhZeBGJS9L-XTz6mp5JtTI4RQE0F5TqzmdcNrm_qE9Valqkde1_fFVyPf13E

170 B
188 B

276ms
90ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJYTTBHUUItMTktMTJQNw==&google_push=AavPq0MgVl0mbPsPIzaSuIjM1N9AY2VuTbWo0zaQjsGuhZeBGJS9L-XTz6mp5JtTI4RQE0F5TqzmdcNrm_qE9Valqkde1_fFVyPf13E

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJYTTBHUUItMTktMTJQNw==&google_push=AavPq0MgVl0mbPsPIzaSuIjM1N9AY2VuTbWo0zaQjsGuhZeBGJS9L-XTz6mp5JtTI4RQE0F5TqzmdcNrm_qE9Valqkde1_fFVyPf13E
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62F2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA53lwXlW11N7SN9amOX3i4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEA53lwXlW11N7SN9amOX3i4&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA53lwXlW11N7SN9amOX3i4&google_hm=Y6L22Pt7X8cWQxEV8gw3zgAABLYAAAAB&google_nid=index&google_push=AavPq0NSox97QSPX6be5LQdms2pFdbL7Y_UH-...

170 B
188 B

55ms
47ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA53lwXlW11N7SN9amOX3i4&google_hm=Y6L22Pt7X8cWQxEV8gw3zgAABLYAAAAB&google_nid=index&google_push=AavPq0NSox97QSPX6be5LQdms2pFdbL7Y_UH-CWiTWEnmxDY63nvwyXLcBWHp-4-yo1Ak8h-LqRf0376GLqK93cNhEO8MnNA1B8CwA

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YxHDJY039jz2V8luCS%2BV3UZig%2FtviF795CxdIkKYrmnB3vfk19epNJR7C9hL6MNxICH5pJydvnw2Q6imwlvU0LzZQ%2BBvLSh93ce4x715OV1EMm7MkiXbxfIYNZs8s3A0dE9tHzw7kqYvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA53lwXlW11N7SN9amOX3i4&google_hm=Y6L22Pt7X8cWQxEV8gw3zgAABLYAAAAB&google_nid=index&google_push=AavPq0NSox97QSPX6be5LQdms2pFdbL7Y_UH-CWiTWEnmxDY63nvwyXLcBWHp-4-yo1Ak8h-LqRf0376GLqK93cNhEO8MnNA1B8CwA
cache-control: no-cache
cf-ray: 77d07e6c0ff9f0b3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 62F2 0
223 B 394ms
42ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lp00M7jolR9vTYrZF5mnE9nsyTKm6p5OzvESYc7rMWhF-9HwuZSz_LmA2EgDCw-PgvYh8K

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F02
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

149ms
69ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 12:06:48 GMT
expires: Wed, 21 Dec 2022 12:06:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 12:06:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 7264 36 KB
16 KB 90ms
52ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 20:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 20:49:24 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame F3B4 35 B
464 B 359ms
30ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIQ_OdF9Zlw1Xj_NW9FFnFQ&google_cver=1&google_push=AavPq0NhF8NCCA09b4JLYJZf8IgPsYrNEY8AT5JEP_4_wZ2Ad7-io-RawhNAckXaIxV0Sak50hW9nPJoDOObnls50DZrvJUgmZjSEa4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=1&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zvZdguj5ki&p=https%3A//ngembassy.info&dtd=16

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame F3B4
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDZzs7-BLOVEWauVraOjoC0&google_cver=1&google_push=AavPq0MET4ePsOAyPrrBp-rQlfymtKNWwOF5QZxkLrhpoeq2lHi7UP_EyCppm-ALG7FtCSRScmQUABEz3OdOK0Kn7E0tnpvtm6tVX...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDZzs7-BLOVEWauVraOjoC0&google_cver=1&google_push=AavPq0MET4ePsOAyPrrBp-rQlfymtKNWwOF5QZxkLrhpoeq2lHi7UP_EyCppm-ALG7FtCSRScmQUABEz3OdOK0Kn7E0tnpvtm6t...

43 B
393 B

345ms
181ms

Image
image/gif

2606:4700::6812:19ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDZzs7-BLOVEWauVraOjoC0&google_cver=1&google_push=AavPq0MET4ePsOAyPrrBp-rQlfymtKNWwOF5QZxkLrhpoeq2lHi7UP_EyCppm-ALG7FtCSRScmQUABEz3OdOK0Kn7E0tnpvtm6tVXwk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0MET4ePsOAyPrrBp-rQlfymtKNWwOF5QZxkLrhpoeq2lHi7UP_EyCppm-ALG7FtCSRScmQUABEz3OdOK0Kn7E0tnpvtm6tVXwk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=1&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zvZdguj5ki&p=https%3A//ngembassy.info&dtd=16
Protocol: H2
Server: 2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:49 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 77d07e6cfdc0d21d-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:48 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 142
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDZzs7-BLOVEWauVraOjoC0&google_cver=1&google_push=AavPq0MET4ePsOAyPrrBp-rQlfymtKNWwOF5QZxkLrhpoeq2lHi7UP_EyCppm-ALG7FtCSRScmQUABEz3OdOK0Kn7E0tnpvtm6tVXwk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0MET4ePsOAyPrrBp-rQlfymtKNWwOF5QZxkLrhpoeq2lHi7UP_EyCppm-ALG7FtCSRScmQUABEz3OdOK0Kn7E0tnpvtm6tVXwk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 77d07e6abba7d21d-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame F3B4 0
173 B 366ms
45ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEALh2Omxe68XScgmPWNC4ss&google_cver=1&google_push=AavPq0MpNdkWXnL3YKhk9MJOPCZLwZSd7Qu02ZK3rjSRGJ6jT0rjrDUwlG9v2-OX2yhr5CWbEh_BtBWOFPEu0uuR3L3D7sUdhnIVfGI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=1&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zvZdguj5ki&p=https%3A//ngembassy.info&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F3B4
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAwh3LfCzYhX202v1IQ8szU&google_cver=1&google_push=AavPq0NANd4qjU1G9m1pDPJVW43M33MucbHoPW5PlBI_oJP8bIQSaUWuT75xwHOU33JkFgvzAFQe_-bDHTE7u7jAo3EEMbm...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NANd4qjU1G9m1pDPJVW43M33MucbHoPW5PlBI_oJP8bIQSaUWuT75xwHOU33JkFgvzAFQe_-bDHTE7u7jAo3EEMbmlIGinGHk&google_hm=eS1xYjRubVlaRTJwRjl...

170 B
188 B

249ms
92ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NANd4qjU1G9m1pDPJVW43M33MucbHoPW5PlBI_oJP8bIQSaUWuT75xwHOU33JkFgvzAFQe_-bDHTE7u7jAo3EEMbmlIGinGHk&google_hm=eS1xYjRubVlaRTJwRjlqZmpPMmFfUzBPSnZVMm5uZXVZOH5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=1&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zvZdguj5ki&p=https%3A//ngembassy.info&dtd=16

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Dec 2022 12:06:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NANd4qjU1G9m1pDPJVW43M33MucbHoPW5PlBI_oJP8bIQSaUWuT75xwHOU33JkFgvzAFQe_-bDHTE7u7jAo3EEMbmlIGinGHk&google_hm=eS1xYjRubVlaRTJwRjlqZmpPMmFfUzBPSnZVMm5uZXVZOH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F3B4
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0P5HB1qP-p5NftpU2iX6e4hGE8kNaqEhfNoETk4GuOtpZXAYyiVyesKxNT9KqffTa9cZktxhjf5VYKCZ45LzX3FlvCPasgR_w&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-3610815c-0b01-4fe6-bc9b-8be0b9a63fc6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0P5HB1qP-p5NftpU2iX6...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0P5HB1qP-p5NftpU2iX6e4hGE8kNaqEhfNoETk4GuOtpZXAYyiVyesKxNT9KqffTa9cZktxhjf5VYKCZ45LzX3FlvCPasgR_w&google_hm=AzYQgVwLAU_mvJuL4LmmP8Y

170 B
188 B

43ms
35ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0P5HB1qP-p5NftpU2iX6e4hGE8kNaqEhfNoETk4GuOtpZXAYyiVyesKxNT9KqffTa9cZktxhjf5VYKCZ45LzX3FlvCPasgR_w&google_hm=AzYQgVwLAU_mvJuL4LmmP8Y

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0P5HB1qP-p5NftpU2iX6e4hGE8kNaqEhfNoETk4GuOtpZXAYyiVyesKxNT9KqffTa9cZktxhjf5VYKCZ45LzX3FlvCPasgR_w&google_hm=AzYQgVwLAU_mvJuL4LmmP8Y
date: Wed, 21 Dec 2022 12:06:49 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX3610815c0b014fe6bc9b8be0b9a63fc6003
content-type: text/html

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame F3B4 0
75 B 356ms
32ms Image
text/plain 185.86.137.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEH51WHGShbRhyxtUugM8mOI&google_cver=1&google_push=AavPq0MC6qs71iDJ9bAUwFlvs4hjLcyU7df2SWt2gZVflHG_I8clZW-sJTVoGJbc1wdDUND96SIdXY9jJVFjtqCUztWlypoysG_9eA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=1&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zvZdguj5ki&p=https%3A//ngembassy.info&dtd=16
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:47 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame F3B4
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEN31usPdU09ivfKQkYcMB-U&google_cver=1&google_push=AavPq0OrTzIRTg0cVxB3_0n7uzUlkPsDsNfloCxIvZ99ceprzsVBCurXkOYx27LqNNmdXZKkDNMx69LpeUc...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OrTzIRTg0cVxB3_0n7uzUlkPsDsNfloCxIvZ99ceprzsVBCurXkOYx27LqNNmdXZKkDNMx69LpeUcMWmdFw8bY9fNoewO7WcXN
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

61ms
33ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=1&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zvZdguj5ki&p=https%3A//ngembassy.info&dtd=16

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F3B4 0
40 B 363ms
44ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J5RFV386KC89YjO5IuXiHZ6Po7g8s5RQ8LqRNExKu9tvgja4nHaUl0KApSSHg3mqubfvH0Yw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=1&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zvZdguj5ki&p=https%3A//ngembassy.info&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8AF0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

211ms
127ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 12:06:48 GMT
expires: Wed, 21 Dec 2022 12:06:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 12:06:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame D465 35 B
463 B 145ms
32ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO1rTe46HX1JKxHnlZZmpzA&google_cver=1&google_push=AavPq0OcQSqQy-_4mkx5_XvjBS_ESW4RP_kblabBQMwFJbR2AGeRB0TpLEP6-PXSBKmYoNFm-5ebk6CYRWJ5Q8ReFiqYEGYakgAD8W3OJX6VzTyoBqRK4vU9KYLyM7bQTYGzpSftVz50Nse9sGI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D465
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENh_PtbhcnhtnTWvr4qwh6A&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENh_PtbhcnhtnTWvr4qwh6A&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QjRqbVlGbzQxUDdYUzE1&google_gid=CAESENh_PtbhcnhtnTWvr4qwh6A&google_cver=1&google_push=AavPq0OwRgJkIyAQAUIZepqVeOXZOSyMRTd41mQjgQOOP6L...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QjRqbVlGbzQxUDdYUzE1&google_gid=CAESENh_PtbhcnhtnTWvr4qwh6A&google_cver=1&google_push=AavPq0OwRgJkIyAQAUIZepqVeOXZOSyMRTd41mQjgQOOP6LUNfDJ_eyJlMAShXLwjJC-nxLDxFN_lxfM3EXx6ALA5_l8_dIIbmm2-HlYPBgaMQ6s9HkPVy3MYeXgcLEO389GkdO9M2J0W1f9YkA

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Dec 2022 12:06:48 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0c32fc13bc3459abb@us-west-2a@dxedge-app-us-west-2-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QjRqbVlGbzQxUDdYUzE1&google_gid=CAESENh_PtbhcnhtnTWvr4qwh6A&google_cver=1&google_push=AavPq0OwRgJkIyAQAUIZepqVeOXZOSyMRTd41mQjgQOOP6LUNfDJ_eyJlMAShXLwjJC-nxLDxFN_lxfM3EXx6ALA5_l8_dIIbmm2-HlYPBgaMQ6s9HkPVy3MYeXgcLEO389GkdO9M2J0W1f9YkA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame D465
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEP4qH97CRQ8fsTImlTTHq-E&google_cver=1&google_push=AavPq0PnZ-XzK8lWhPeTMwQ70OfkDcjsyVbaa_2LhD9uO3-zBt4Mztb3cirOf5ilNxsAdv1EaidlZB9Hx_1FQv6HkuA2m2cUesW9w...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP4qH97CRQ8fsTImlTTHq-E&google_cver=1&google_push=AavPq0PnZ-XzK8lWhPeTMwQ70OfkDcjsyVbaa_2LhD9uO3-zBt4Mztb3cirOf5ilNxsAdv1EaidlZB9Hx_1FQv6HkuA2m2cUesW...

43 B
439 B

344ms
179ms

Image
image/gif

2606:4700::6812:19ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP4qH97CRQ8fsTImlTTHq-E&google_cver=1&google_push=AavPq0PnZ-XzK8lWhPeTMwQ70OfkDcjsyVbaa_2LhD9uO3-zBt4Mztb3cirOf5ilNxsAdv1EaidlZB9Hx_1FQv6HkuA2m2cUesW9wb_nyx-utOvKfBOwZZJ80P7fGWl5wd6tdyS5lnTdCoZjtNI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PnZ-XzK8lWhPeTMwQ70OfkDcjsyVbaa_2LhD9uO3-zBt4Mztb3cirOf5ilNxsAdv1EaidlZB9Hx_1FQv6HkuA2m2cUesW9wb_nyx-utOvKfBOwZZJ80P7fGWl5wd6tdyS5lnTdCoZjtNI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8
Protocol: H2
Server: 2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:49 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 77d07e6cfdc1d21d-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:48 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 2939
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP4qH97CRQ8fsTImlTTHq-E&google_cver=1&google_push=AavPq0PnZ-XzK8lWhPeTMwQ70OfkDcjsyVbaa_2LhD9uO3-zBt4Mztb3cirOf5ilNxsAdv1EaidlZB9Hx_1FQv6HkuA2m2cUesW9wb_nyx-utOvKfBOwZZJ80P7fGWl5wd6tdyS5lnTdCoZjtNI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PnZ-XzK8lWhPeTMwQ70OfkDcjsyVbaa_2LhD9uO3-zBt4Mztb3cirOf5ilNxsAdv1EaidlZB9Hx_1FQv6HkuA2m2cUesW9wb_nyx-utOvKfBOwZZJ80P7fGWl5wd6tdyS5lnTdCoZjtNI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 77d07e6abbb0d21d-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D465
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEOW18UQ_urW3Op_QWIORavc&google_cver=1&google_push=AavPq0NyyTRLRbzQxIrKOkD2n7zWxegY88VW3gTBWnKRQ-dqgTvOeO0-PAzoTSC1JJuavFERWs6oNm5z7-gYukUrlGY6tSsK68arGb...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A4056046EBAE4123A58060F1D7F7C4FB&google_push=AavPq0NyyTRLRbzQxIrKOkD2n7zWxegY88VW3gTBWnKRQ-dqgTvOeO0-PAzoTSC1JJuavFERWs6oNm5z7-gYukU...

170 B
188 B

119ms
51ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A4056046EBAE4123A58060F1D7F7C4FB&google_push=AavPq0NyyTRLRbzQxIrKOkD2n7zWxegY88VW3gTBWnKRQ-dqgTvOeO0-PAzoTSC1JJuavFERWs6oNm5z7-gYukUrlGY6tSsK68arGbaKemKwtd4NupasN_kvkcLk0YQ8uDt-ZpFXhIaMxJFy6EQ

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Dec 2022 12:06:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A4056046EBAE4123A58060F1D7F7C4FB&google_push=AavPq0NyyTRLRbzQxIrKOkD2n7zWxegY88VW3gTBWnKRQ-dqgTvOeO0-PAzoTSC1JJuavFERWs6oNm5z7-gYukUrlGY6tSsK68arGbaKemKwtd4NupasN_kvkcLk0YQ8uDt-ZpFXhIaMxJFy6EQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 20 Dec 2022 12:06:48 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame D465 70 B
265 B 358ms
0ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESED3VsmG-R21wvM9ihm12EUs&google_cver=1&google_push=AavPq0P1wE9LuZXdUj6Fx05SSJF02UaHnGCyQ2c_WjDS4-Q4JcYXatB8qXO4G1RDKm_J6BZ_MGsBreNg3axps_ZwISciFnJsPYluCK-d_HYuvIfaoEDjOFkY1UBqZyGcy-gQY1C5Ri7cQEObi2s
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 21 Dec 2022 12:06:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D465
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEBRasNrMjMltzRdrtiOLtY&google_cver=1&google_push=AavPq0P4oxpcJ9vpA-HliyUCccAz5AK11lhfuD1srIgzcseJ0f4fNbZAKVJHQMOZkJ8-ZOgLQqNPcAruQu4-CY-S...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hdPGnS-bT1iN1pUhtecxxw2&google_push=AavPq0P4oxpcJ9vpA-HliyUCccAz5AK11lhfuD1srIgzcseJ0f4fNbZAKVJHQMOZkJ8-ZOgLQqNPcAruQu4-CY-SwSAgpgjgRaEYOU...

170 B
188 B

183ms
55ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hdPGnS-bT1iN1pUhtecxxw2&google_push=AavPq0P4oxpcJ9vpA-HliyUCccAz5AK11lhfuD1srIgzcseJ0f4fNbZAKVJHQMOZkJ8-ZOgLQqNPcAruQu4-CY-SwSAgpgjgRaEYOUz0ukKMCgwko2tbYCoFARJwjNdvHrQjoNmplqSye-qz3g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Dec 2022 12:06:48 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hdPGnS-bT1iN1pUhtecxxw2&google_push=AavPq0P4oxpcJ9vpA-HliyUCccAz5AK11lhfuD1srIgzcseJ0f4fNbZAKVJHQMOZkJ8-ZOgLQqNPcAruQu4-CY-SwSAgpgjgRaEYOUz0ukKMCgwko2tbYCoFARJwjNdvHrQjoNmplqSye-qz3g
x-host: tde-deliveryengine-production-769c9db745-7tbbj
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D465
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKm6uUsWqJiS50O1wRSLNNM&google_cver=1&google_push=AavPq0OQoqKGFhKNTMkqGpQi26rTg_GcLrWienRK6NX__LHoiYmrcdm_nuRxR9F80Ecidq82a4r9ZISR...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKm6uUsWqJiS50O1wRSLNNM&google_cver=1&google_push=AavPq0OQoqKGFhKNTMkqGpQi26rTg_GcLrWienRK6NX__LHoiYmrcdm_nuRxR9F80Ecidq82a4r...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzc5OTczNjI3NjU3MTUyMTEzOA&google_push=AavPq0OQoqKGFhKNTMkqGpQi26rTg_GcLrWienRK6NX__LHoiYmrcdm_nuRxR9F80Ecidq82a4r9ZI...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzc5OTczNjI3NjU3MTUyMTEzOA&google_push=AavPq0OQoqKGFhKNTMkqGpQi26rTg_GcLrWienRK6NX__LHoiYmrcdm_nuRxR9F80Ecidq82a4r9ZISRSmvdlojiPsRG3T6UuudwrMWk-KSSk4rbSLrqpdN3276vMLO2WLmyuoxckQJj1JUtig

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzc5OTczNjI3NjU3MTUyMTEzOA&google_push=AavPq0OQoqKGFhKNTMkqGpQi26rTg_GcLrWienRK6NX__LHoiYmrcdm_nuRxR9F80Ecidq82a4r9ZISRSmvdlojiPsRG3T6UuudwrMWk-KSSk4rbSLrqpdN3276vMLO2WLmyuoxckQJj1JUtig
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D465 0
49 B 131ms
43ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J-gFr5FgVYIAKKe65gfgFSWR03xYywoWvb4qAZj2dXGsdgA38qkuR6h6cXKnNiMZY5yygU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame A6B7 28 KB
28 KB 259ms
44ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 484267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 21:35:41 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 7EA5 3 KB
3 KB 354ms
0ms Image
image/png 2606:4700:20::681a:61b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2298
x-guploader-uploadid: ADPycdsyy3XiqRKYAMolTEAYALMVMLkBuE4wuf-4IY7Xkhz3scCzKEXoLCylnCQ3l46DZbKtLLnogBpNdxBH_xYpKnl7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6I2lnzX9w8VSDcry9YfXdqOcFrlMoO%2BttPMyOiSHwCHxSwSy2lKvsoKx2pX3mH%2FrIdzMK%2BMQWExgolfck42dbRQUr2VZ%2FC95Fv7L5XtGt%2F8ygkeEppwk87bz1B5gkO%2BYiYLQ3s5znF9Cv%2B4Ss20VTyM2"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 77d07e6c0c4c99bc-CDG
expires: Wed, 21 Dec 2022 11:56:00 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5D79 3 KB
4 KB 352ms
0ms Image
image/png 2606:4700:20::681a:61b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2298
x-guploader-uploadid: ADPycdsyy3XiqRKYAMolTEAYALMVMLkBuE4wuf-4IY7Xkhz3scCzKEXoLCylnCQ3l46DZbKtLLnogBpNdxBH_xYpKnl7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUiZGlCw%2BCUJwt7AI6Ge3dPu%2B5KkIAxfXMWz4Hqrom7lSZsSx%2BvZHDS55FpZDmrbeNJi9OgvGVQCaF6Opnbp3TgQq%2Fusu5q8acCd6FLc6ugz8hq99JHi9WfhFzV6HRbGJkD0ehQu0Hj4yDdNwlGUfRDe"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 77d07e6c0c5399bc-CDG
expires: Wed, 21 Dec 2022 11:56:00 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 35DB 2 KB
1 KB 193ms
125ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2131256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 77d07e6aabb3153a-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 21 Dec 2022 12:06:48 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCVvePuwqKsPHrROBW88g%2B%2FnlQsy7NyJI%2BWgaSXZqNMt7qFCW1GoJ4Xh45ZYOIWXQ918ZLQC4RnLKTs1CAUzNnM01ZqbjHHnIVT5o1uR8NeXMYqaP05riKVm6z6%2FAMAuBfR1ddk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 9D09 2 KB
1 KB 193ms
126ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2131256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 77d07e6aabb6153a-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 21 Dec 2022 12:06:48 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lT3J7ASNgbR12nM7UWeTt9PdhDFnMvpmRH%2F6Gc%2BNfsveK4yFlgf8hg9vTcCTrRh1505W9rSJjQ2di2Ns6ypnS12BLltOgMYGoiDz4%2FlO5Sbh6hzeqeLt9yJqydiayRiCywLB4Tc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D23E 42 B
64 B 290ms
147ms Fetch
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttHPAIw9WpUzeF23bE1xLVK-kKS3bSXQgI4oX43i9m_bJ7N9dFFRoa2U1d5qgrT9z1Eb0Dq1_R44Y9nNO6NSjM709qpRtzYnKZADb8QYxx26wDUBjNjw0mfyMRZIgPOw9q43iZbQ&sai=AMfl-YT1nlJcHxPXzeQBMJ_pxQW_PGjq5_YyDJrEVcF6rDhJsBbtns-GS44mfcCPAhIeNts4UyyIlwk-KQZnW5Q&sig=Cg0ArKJSzJJ4AlONF9JpEAE&cid=CAQSGwDq26N9cAGlA1TTM6c9AwRQJgpHn1usczQECBgBIBM&id=lidar2&mcvt=1073&p=0,0,500,180&mtos=1073,1073,1073,1073,1073&tos=1073,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671624407041&rpt=633&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 129D 42 B
64 B 286ms
148ms Fetch
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvd3WrplCZcT_O-bs9rcY3kWgKpt-HongnxTKcsp09pDWwdOFey9cGQTYOW7rneC6SaZvD0Vtr3DgJvlVVI3Cm9sEv-ThRoUUQ4RGM2KUodiPGogDBgFhO1tYmqWGtlkJuKwB_xDw&sai=AMfl-YRDasGIWPhcR1YfByI--0AiB8FrrT1ZYTzVqAo6XYoz4SZNkwLSUqeXjXHK9pnfyHxd3ehAO69dDS11Fd4&sig=Cg0ArKJSzCph4Fo4lktGEAE&cid=CAQSGwDq26N9cAGlA1TTM6c9AwRQJgpHn1usczQECBgBIBM&id=lidar2&mcvt=1078&p=0,0,500,180&mtos=1078,1078,1078,1078,1078&tos=1078,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671624407044&rpt=596&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 7EA5 1 KB
2 KB 64ms
57ms XHR
text/plain 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d6580193a70eaf67c20cca0c971ccf6d8fc4d13638f7e2c1184f4f24ccbdbdfd

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZfnQnw7d%2F1BoP7lC5prKX01nwQqrl5d3DmrnZGB8B59zoLf%2FRkVxc%2FXnIUCvguWowhGOphw1QmvZPXk6PM%2BZv08mMisQfFWf737J4sOcCEZL7qHEvBXN4N4KcVz4ilfUflYQJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 77d07e6cf9061542-CDG
x-backend-server: aa-reachservice-group-europe-west1-3b3l
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame 5D79 1 KB
2 KB 78ms
57ms XHR
text/plain 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: eb526413fa4f05bc700fd9b2ab193b246198d0ec5321355e9935b074a4ed6df0

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWOdXxojUa3W4zXJtgz8flPNiznXQrqWbklsb7hvHV2yW839CYeiladJEqBcDJZxaNLd4uN1yPU6SewCKELbINxz0z4tg5E1jkSeZ77euJiPrnjv3T3J0TnEY4JhGPBfreEJu78%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 77d07e6cf9021542-CDG
x-backend-server: aa-reachservice-group-europe-west1-3b3l
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 157ms
90ms Preflight
text/plain 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77d07e6c28131542-CDG
content-length: 24
content-type: text/plain
date: Wed, 21 Dec 2022 12:06:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8FxqzNKrj8oufwX4gMFZ50EMCF7VSV8WDSApBoRJiPNOylRfKTlXVTz2zURHJTRHz0qpZt7BHgqF4tJ0q47R%2FaQJ3NfRLHjgJSt9N4R77OwfDcNqoH9MHHNfOI5zssK9q3f3dI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-3b3l

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 155ms
88ms Preflight
text/plain 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77d07e6c28111542-CDG
content-length: 24
content-type: text/plain
date: Wed, 21 Dec 2022 12:06:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ps099V5vsdFmA2CNxUcshjOn8O0JlupyfZdPJOHBU0FuBSRcd2t8UdMrZU%2BzWe3UKA3%2BdAKas3RIX7QVmfPxlPlWPv9wCjvo7tQyCtDuIahrgPPoz%2BPYF5Vq1VYEs2kNh2%2FhdA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-3b3l

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame DC00 36 KB
16 KB 99ms
45ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1671624406&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671624406896&bpp=1&bdt=1733&idt=-M&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6196c117ac5fcd73-229fd67b34da008d%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A&gpic=UID%3D00000b95b1d59c5a%3AT%3D1671624406%3ART%3D1671624406%3AS%3DALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=225882010196&frm=20&pv=1&ga_vid=1195666794.1671624406&ga_sid=1671624406&ga_hid=1318564456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773809%2C44777506%2C31071168%2C44780792&oid=2&pvsid=2350679068342467&tmod=731324098&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cVWaK0asdn&p=https%3A//ngembassy.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 20:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 20:49:24 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F952 42 B
64 B 132ms
75ms Fetch
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzAOs5CdPGVmQf7osVrkV9Rlwz2p9CdhMCIYM77j09_VNpCEAIRgtuGLvn0PVOjjLLetSLILlTQp45RjtClmtmvv_C2qezeKIO2aFe6LSdmJwzhBmbijmOM8ZxEigWN-iiTZGo-g&sai=AMfl-YTWPPHBtEp3rmZsenJCAiAJmDmQ-E2ujyZRaE_XU3qoAtPVL-J1ThgxJ2EPKP6J_etGq3fQid6uHFgqQZ0&sig=Cg0ArKJSzA0_WAQ1qXT6EAE&cid=CAQSGwDq26N95jkInqthuwX_5TCE3m4pr31nRX2XpBgBIBM&id=lidar2&mcvt=1018&p=0,0,280,1200&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1213588912&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671624406169&rpt=1745&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 12:06:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 124ms
117ms XHR
application/json 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a465c2b392ca9403d32273b784cb9b54beb66a6e3ef31675c871885b7b0750c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11040
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 4B02 9 KB
4 KB 46ms
45ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=37901ef5e264d4500e48aab32304c8b0%2F9515973417193008420&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409135&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kztpa9bdwj6ddgqjhcqma6p6c49a91y9qqjrw7zjynyne0p6epmb9ch7y9jmby9jq0pdphc4p085eggra3exmmvvv98g6a9cftkwpk1et1ar50deazpxe1rj5bwq8jdk77amdmk5vnwye9dzfg8zar5xdr4sxrvf51dsa9d795vsxjv7mhnvz5f8mhm1cga1fg1x05dcxdvsv6r8p7gf324dmvesxsp7zvmgn3bp5c1t1774pnh7a2pvv7t3x67y423khcrgzphgdnd9czg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5b3899d929eeac4e8e12c8b8b95152cfbbcbe5b306c5180100af6819d416ff0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gmbxn7a67kn2saqgbcgz903tf2fgdg9jddk3cpwjhnh603jx0agaycveyzgfg91x0rstdhnn2ghgq89jbc9740qh1vby78eb5fcqhqb10t8jer3k5rwja946bnv8r8r8a82ejxkc52r6ey2z843cdxczvk3091s7wpr626027mpr3c58dhh4h2adws3s9rjj9g4kk6zmezz8m8pe8nxhcn6k57a5zbgssn8t525r482cw40m5qdexvwgtjsjdx1bp0bh0kz0n280k7vc2mg11pe3x7wxp8td6vh1aqf0d281qv6jqw84kyq55qg2xxb74b8qmx4eh0zaap5zaeeaxc242hqxtww9861q74cyacq3fr1k3w9cbrewr1xb2qcdc745cq8vnap53qpvc6gbjppvbvs1e4vs85tqmp03ywyyh82cz2pxwr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%26client%3Dca-pub-2910357982650786%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77d07e6de806153a-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 12:06:49 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame BEED 9 KB
4 KB 75ms
74ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=d89e175d8c254a969689f41ed526707a%2F3855696903391415344&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpks80yg77dezje4t6x3wzavyb8zz5pmgtj0pgm3v5zgrb4p7ktx948c4tzh4g1hrg36whraa3j02d1j4tp0s6b6wen1jy259we1b23xwskb4rrnem6jzbbzxbpx3z9r33g50h2a2ht4vk02ze021p7a89h30c969gn9kfzrqeyf88bc8gtpc4g18932zw8t3wxmrfkeft5bjck4fh83afp9j8yf9225qr976snbfd33fmwh5dj1madx89xfa8td03s596nxddqerex1f2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd09f7ea8a6c1725645e239c7af721bb0ab09d6b81cd04a61b9075b7f92636fb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h2yr9x6fkgdep0jy3h2brn52ghcprp97e1xcdnsg8g4ap1nbwhtk6cne2qtzf5f1c1xvr4n5kpzv94vff9srdnm57e1tzrpdwva02w27ecra70aj0g5ajamyx6bpmbm1tqr1rkyzaccym4q1xp2m5trqej3y7g6aarc4h3r7bwa2j15f2pbrnb8qcf06gsbakpa5nz9p5z8c88z8p9x2qsc1bm7evzq3hmberjqv3pgk86rnz22801yx30dc9r32gvccj31dr3gcs4ffcm5t8gk8egywwhycwx717699s4vzx6h0d1c63ta73hbhwrfvb9t2172n6dwrx7pwvnrxnck2dccnp5wnht33xt5mjgherhy2nzhz3pp19x2ey327p70f4b0nepk4xpgbtmr9rjzhrjjzxzakq8v6z25w3me0k246nwag28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%26client%3Dca-pub-2910357982650786%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77d07e6df814153a-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 12:06:49 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 116ms
115ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 12:06:49 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 4B02 89 KB
11 KB 59ms
56ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=37901ef5e264d4500e48aab32304c8b0%2F9515973417193008420&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409135&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kztpa9bdwj6ddgqjhcqma6p6c49a91y9qqjrw7zjynyne0p6epmb9ch7y9jmby9jq0pdphc4p085eggra3exmmvvv98g6a9cftkwpk1et1ar50deazpxe1rj5bwq8jdk77amdmk5vnwye9dzfg8zar5xdr4sxrvf51dsa9d795vsxjv7mhnvz5f8mhm1cga1fg1x05dcxdvsv6r8p7gf324dmvesxsp7zvmgn3bp5c1t1774pnh7a2pvv7t3x67y423khcrgzphgdnd9czg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=37901ef5e264d4500e48aab32304c8b0%2F9515973417193008420&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409135&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kztpa9bdwj6ddgqjhcqma6p6c49a91y9qqjrw7zjynyne0p6epmb9ch7y9jmby9jq0pdphc4p085eggra3exmmvvv98g6a9cftkwpk1et1ar50deazpxe1rj5bwq8jdk77amdmk5vnwye9dzfg8zar5xdr4sxrvf51dsa9d795vsxjv7mhnvz5f8mhm1cga1fg1x05dcxdvsv6r8p7gf324dmvesxsp7zvmgn3bp5c1t1774pnh7a2pvv7t3x67y423khcrgzphgdnd9czg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 688774
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YuzgS1yILC3XQDkww%2BdYWUdhDS0lsClLXQ6VEDmP5sVygxfVzmWUHVXBvt1no8kEEow1QBYDo1XpS0e0vRI6x4Tvhdv6QYARNwsUjg9mjq%2B78%2FaRvbOa5k2P4s%2FPKCg8ZRa9n%2BD4ek%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77d07e6e689c153a-CDG
expires: Wed, 21 Dec 2022 13:06:49 GMT

GET
H2 200 2DA50BA4B30E68896D388657F0DD0AC1D219A23FD4846EB3858E4AF72DA355BD0FC39CAADD135A2255D673E979C674160ED856601426B42C40D9BCDC4D406CF0
assets.ad4m.at/logo/ Frame 4B02 49 KB
50 KB 82ms
44ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/2DA50BA4B30E68896D388657F0DD0AC1D219A23FD4846EB3858E4AF72DA355BD0FC39CAADD135A2255D673E979C674160ED856601426B42C40D9BCDC4D406CF0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=37901ef5e264d4500e48aab32304c8b0%2F9515973417193008420&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409135&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kztpa9bdwj6ddgqjhcqma6p6c49a91y9qqjrw7zjynyne0p6epmb9ch7y9jmby9jq0pdphc4p085eggra3exmmvvv98g6a9cftkwpk1et1ar50deazpxe1rj5bwq8jdk77amdmk5vnwye9dzfg8zar5xdr4sxrvf51dsa9d795vsxjv7mhnvz5f8mhm1cga1fg1x05dcxdvsv6r8p7gf324dmvesxsp7zvmgn3bp5c1t1774pnh7a2pvv7t3x67y423khcrgzphgdnd9czg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e97a16970b3c0282946c73892b6a8b07d8c95c588b6127417176fe1e87f247fb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 653675
cf-polished: origFmt=png, origSize=104051
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50558
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Apr 2020 09:54:02 GMT
server: cloudflare
etag: "7a4502b01881c490069ab2174de5eabb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqx2m2960aiXp%2Fb60ugi4edD6TfwVLf6ULNVMvmvmOeKzSJx4OhAU8vIC0zST5uqTpq8YTGiLoknaK0q5uEHMIk2WTugmlVVmxLuWNSG115h0lqic8qeQspML%2F4jZ4E0I0tyBYzc0KxYvoVC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77d07e6e8fd599fa-CDG
expires: Thu, 22 Dec 2022 12:06:49 GMT

GET
H2 200 C583719AF39194B61EAFCAF6A06967B3D55BE263D778BD79B1132ABB2E8DA28AB35D210D1DEA343FEBFC9F8569F533294B9D166BCBA43A074CFD3690C41D188A
assets.ad4m.at/product_image/ Frame 4B02 43 KB
44 KB 58ms
29ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/C583719AF39194B61EAFCAF6A06967B3D55BE263D778BD79B1132ABB2E8DA28AB35D210D1DEA343FEBFC9F8569F533294B9D166BCBA43A074CFD3690C41D188A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=37901ef5e264d4500e48aab32304c8b0%2F9515973417193008420&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409135&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kztpa9bdwj6ddgqjhcqma6p6c49a91y9qqjrw7zjynyne0p6epmb9ch7y9jmby9jq0pdphc4p085eggra3exmmvvv98g6a9cftkwpk1et1ar50deazpxe1rj5bwq8jdk77amdmk5vnwye9dzfg8zar5xdr4sxrvf51dsa9d795vsxjv7mhnvz5f8mhm1cga1fg1x05dcxdvsv6r8p7gf324dmvesxsp7zvmgn3bp5c1t1774pnh7a2pvv7t3x67y423khcrgzphgdnd9czg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5118f5fe0ddbf3888d461e29d30d11f6b01b32ef178381d2259dd4bbdd88ebc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2306191
cf-polished: qual=85, origFmt=jpeg, origSize=102472
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44412
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Jul 2021 09:48:28 GMT
server: cloudflare
etag: "d308a34122a97b371964832dabfe9056"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cguZpPFzRKhHRarP6S2QUT2OgI%2BhzFt4gVP94SxvUJa8VopaKrklgHe7VqTweSa%2FqlbbLt82xeZF8yJ6Nb0y0KKHTkh8clpPAwLO2sRgmsI64bt72yStV%2FgdGUpw3Lf7F2QID2FtjLSdJadR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77d07e6e8fd199fa-CDG
expires: Thu, 22 Dec 2022 12:06:49 GMT

GET
H/1.1 200
OK /
vcb.happ-e.fr/ Frame 4B02 43 B
2 KB 169ms
40ms Image
image/gif 95.131.136.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcb.happ-e.fr/?t=P4B11756C8631B27&argsite=oneid8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJskoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=37901ef5e264d4500e48aab32304c8b0%2F9515973417193008420&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409135&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kztpa9bdwj6ddgqjhcqma6p6c49a91y9qqjrw7zjynyne0p6epmb9ch7y9jmby9jq0pdphc4p085eggra3exmmvvv98g6a9cftkwpk1et1ar50deazpxe1rj5bwq8jdk77amdmk5vnwye9dzfg8zar5xdr4sxrvf51dsa9d795vsxjv7mhnvz5f8mhm1cga1fg1x05dcxdvsv6r8p7gf324dmvesxsp7zvmgn3bp5c1t1774pnh7a2pvv7t3x67y423khcrgzphgdnd9czg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.131.136.1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:49 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0070300102233887
Connection: close
X-TRK-PROC: 45335
Pragma: no-cache
X-TRK-SRV: 5
Server: nginx
Last-Modified: Wed, 21 Dec 2022 12:06:49 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
assets.ad4m.at/logo/ Frame 4B02 14 KB
15 KB 72ms
43ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=37901ef5e264d4500e48aab32304c8b0%2F9515973417193008420&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409135&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kztpa9bdwj6ddgqjhcqma6p6c49a91y9qqjrw7zjynyne0p6epmb9ch7y9jmby9jq0pdphc4p085eggra3exmmvvv98g6a9cftkwpk1et1ar50deazpxe1rj5bwq8jdk77amdmk5vnwye9dzfg8zar5xdr4sxrvf51dsa9d795vsxjv7mhnvz5f8mhm1cga1fg1x05dcxdvsv6r8p7gf324dmvesxsp7zvmgn3bp5c1t1774pnh7a2pvv7t3x67y423khcrgzphgdnd9czg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 752886
cf-polished: qual=85, origFmt=jpeg, origSize=19949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14750
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Jan 2020 09:30:38 GMT
server: cloudflare
etag: "154fb66239e650cf2764a96b35f0d921"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puq8xXOLNdqphSrBp1dF6qiMTq0k8KaRH7SnKOohKomBrOwGZT6wjm9Go%2Bt1LY%2F0FRPVFSwGSYZTcSp7j%2FAAxbNhhqmiL94HFAW7zQrbJEJzezVQSQICBPLFlfYQ%2B9NuzLGi3bZRpL1LbJob"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77d07e6e8fd399fa-CDG
expires: Thu, 22 Dec 2022 12:06:49 GMT

GET
H2 200 F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
assets.ad4m.at/ Frame 4B02 274 KB
275 KB 80ms
52ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=37901ef5e264d4500e48aab32304c8b0%2F9515973417193008420&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409135&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kztpa9bdwj6ddgqjhcqma6p6c49a91y9qqjrw7zjynyne0p6epmb9ch7y9jmby9jq0pdphc4p085eggra3exmmvvv98g6a9cftkwpk1et1ar50deazpxe1rj5bwq8jdk77amdmk5vnwye9dzfg8zar5xdr4sxrvf51dsa9d795vsxjv7mhnvz5f8mhm1cga1fg1x05dcxdvsv6r8p7gf324dmvesxsp7zvmgn3bp5c1t1774pnh7a2pvv7t3x67y423khcrgzphgdnd9czg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1153033
cf-polished: origFmt=png, origSize=547949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280758
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Jan 2020 15:34:15 GMT
server: cloudflare
etag: "f649a1d1393c254187d15397a3ff891b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTVYl%2BeQ8jzZPBHpKTLHiGNyyz11czaBWqh3J0xxjP2HlbhgU%2Bi8S6ofP6%2F%2FujtCvCBAXWZnG4wFBuIiRZxNISqoeEexCfDqyejqbXOaszjmbBxdaVJbw5Pw6xyiPpDAKkCDwymChnvsKbc2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77d07e6e8fce99fa-CDG
expires: Thu, 22 Dec 2022 12:06:49 GMT

GET
H2

200

img_13_13_23.gif
img.metaffiliation.com/4/58179/ Frame 4B02
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

133 KB
133 KB

821ms
284ms

Image
image/gif

192.229.220.129

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=37901ef5e264d4500e48aab32304c8b0%2F9515973417193008420&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409135&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kztpa9bdwj6ddgqjhcqma6p6c49a91y9qqjrw7zjynyne0p6epmb9ch7y9jmby9jq0pdphc4p085eggra3exmmvvv98g6a9cftkwpk1et1ar50deazpxe1rj5bwq8jdk77amdmk5vnwye9dzfg8zar5xdr4sxrvf51dsa9d795vsxjv7mhnvz5f8mhm1cga1fg1x05dcxdvsv6r8p7gf324dmvesxsp7zvmgn3bp5c1t1774pnh7a2pvv7t3x67y423khcrgzphgdnd9czg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 -, , ASN (),
Reverse DNS
Software: ECAcc (paa/6F7F) /
Resource Hash: 66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:50 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 14:04:52 GMT
server: ECAcc (paa/6F7F)
age: 1036
etag: "5e15e184-21403"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135736

Redirect headers

Date: Wed, 21 Dec 2022 12:06:49 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.016003847122192
Connection: close
X-TRK-PROC: 58179
Pragma: no-cache
X-TRK-SRV: 6
Server: nginx
Last-Modified: Wed, 21 Dec 2022 12:06:49 GMT
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 CB657DFF981908F52026808C3EC67742597371F9C5A62BA0019B93E0EA086B7A50C8442145BDB34CB6C406D282BC422958046D73D8FC4606E85833099551F02F
assets.ad4m.at/logo/ Frame 4B02 7 KB
7 KB 64ms
49ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CB657DFF981908F52026808C3EC67742597371F9C5A62BA0019B93E0EA086B7A50C8442145BDB34CB6C406D282BC422958046D73D8FC4606E85833099551F02F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=37901ef5e264d4500e48aab32304c8b0%2F9515973417193008420&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409135&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kztpa9bdwj6ddgqjhcqma6p6c49a91y9qqjrw7zjynyne0p6epmb9ch7y9jmby9jq0pdphc4p085eggra3exmmvvv98g6a9cftkwpk1et1ar50deazpxe1rj5bwq8jdk77amdmk5vnwye9dzfg8zar5xdr4sxrvf51dsa9d795vsxjv7mhnvz5f8mhm1cga1fg1x05dcxdvsv6r8p7gf324dmvesxsp7zvmgn3bp5c1t1774pnh7a2pvv7t3x67y423khcrgzphgdnd9czg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69af47ae4c1d90831351b53f445bdf076b8991e2e4d543c8edd96d42957d41f3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1671805
cf-polished: origFmt=png, origSize=21356
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7240
cf-bgj: imgq:85,h2pri
last-modified: Fri, 25 Nov 2022 10:24:03 GMT
server: cloudflare
etag: "259405af3fc71c071b3fbf0cd0e617cd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBe0wditQ%2FSrDOM%2BrGEp5a4W6xpsrpMJFGnKmBTM36y7SpIna1KfNW3xhc%2F60OslQ4PDlsF1IdgERkfgWxzjZwYKxBu6pLO1xCEmN0f8jISd9HmJSBN8OBYi1NgyGq%2FhGLpWmT2TMotRKG2y"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77d07e6e8fd699fa-CDG
expires: Thu, 22 Dec 2022 12:06:49 GMT

GET
H2 200 4152008FA3D646ED4C833EF42E1D50F4EACE2DEE9918F0C3A01B822A121FE7D49B79F3D604D9BB460422C9933408EB8FC024051051B8566807EA89FBAC66EAE6
assets.ad4m.at/product_image/ Frame 4B02 36 KB
37 KB 65ms
51ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/4152008FA3D646ED4C833EF42E1D50F4EACE2DEE9918F0C3A01B822A121FE7D49B79F3D604D9BB460422C9933408EB8FC024051051B8566807EA89FBAC66EAE6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=37901ef5e264d4500e48aab32304c8b0%2F9515973417193008420&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409135&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kztpa9bdwj6ddgqjhcqma6p6c49a91y9qqjrw7zjynyne0p6epmb9ch7y9jmby9jq0pdphc4p085eggra3exmmvvv98g6a9cftkwpk1et1ar50deazpxe1rj5bwq8jdk77amdmk5vnwye9dzfg8zar5xdr4sxrvf51dsa9d795vsxjv7mhnvz5f8mhm1cga1fg1x05dcxdvsv6r8p7gf324dmvesxsp7zvmgn3bp5c1t1774pnh7a2pvv7t3x67y423khcrgzphgdnd9czg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc567bde2ce90dd90e0d3b0bd59021c45a440a12842354e0e026e4069352265b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 753437
cf-polished: qual=85, origFmt=jpeg, origSize=87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37370
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Sep 2022 13:48:14 GMT
server: cloudflare
etag: "9a6129b7ff41e62364178396f58341a3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmfrjyd4Sh8mP8dMvfeGSLofNIsz0uUt7vE2%2FYG1FJGBbZTkqXEJ2%2FuPEWdWUM0fFMTZObYis0Oyxl2AeC7zmXPGoWE%2B5HSuMrNQgkyk6ogiq0gLD%2BbgY5ZTqUGdvto0qg%2F4KtKaayOdO%2F1P"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77d07e6e8fd999fa-CDG
expires: Thu, 22 Dec 2022 12:06:49 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 4B02 43 B
702 B 254ms
104ms Image
image/gif 96.16.147.165

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2993007&v=25911&q=423187&r=412871&pv=1&pref3=oneidbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=37901ef5e264d4500e48aab32304c8b0%2F9515973417193008420&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409135&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kztpa9bdwj6ddgqjhcqma6p6c49a91y9qqjrw7zjynyne0p6epmb9ch7y9jmby9jq0pdphc4p085eggra3exmmvvv98g6a9cftkwpk1et1ar50deazpxe1rj5bwq8jdk77amdmk5vnwye9dzfg8zar5xdr4sxrvf51dsa9d795vsxjv7mhnvz5f8mhm1cga1fg1x05dcxdvsv6r8p7gf324dmvesxsp7zvmgn3bp5c1t1774pnh7a2pvv7t3x67y423khcrgzphgdnd9czg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt44l1vaiY7uiOs-dywXxkYMY4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQK0w3q35c-xPqgDAaoEwwFP0C4mLH-4ahRa5PRHEqHmlizHJYZ_QX-WdIS9sDuW-GSv5FpE-_xmmn_TyhHBUWwtxz_StNkgrGrpg1DEtjn5n2lXFQNSqEki4UAoGWRdOvaRPmwTmVDaq1WNrYDccutbVy8b8cKp5xlRZgkmtat8jKTBOIt9pdgp7bbiGzneuFL8-c94Su2iPuEO_8YYWRV2c0Ir3P3HqyhVO1M_CdxhXUkfWtBWPXeV6l51i637GPEeXceXQbXdlsw3gBjRmCuGaIiABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IcmZHOTKHwYvpLenE9wGlOZ6e1g%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.147.165 -, , ASN (),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Dec 2022 12:06:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame BEED 89 KB
11 KB 36ms
34ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=d89e175d8c254a969689f41ed526707a%2F3855696903391415344&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpks80yg77dezje4t6x3wzavyb8zz5pmgtj0pgm3v5zgrb4p7ktx948c4tzh4g1hrg36whraa3j02d1j4tp0s6b6wen1jy259we1b23xwskb4rrnem6jzbbzxbpx3z9r33g50h2a2ht4vk02ze021p7a89h30c969gn9kfzrqeyf88bc8gtpc4g18932zw8t3wxmrfkeft5bjck4fh83afp9j8yf9225qr976snbfd33fmwh5dj1madx89xfa8td03s596nxddqerex1f2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=d89e175d8c254a969689f41ed526707a%2F3855696903391415344&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpks80yg77dezje4t6x3wzavyb8zz5pmgtj0pgm3v5zgrb4p7ktx948c4tzh4g1hrg36whraa3j02d1j4tp0s6b6wen1jy259we1b23xwskb4rrnem6jzbbzxbpx3z9r33g50h2a2ht4vk02ze021p7a89h30c969gn9kfzrqeyf88bc8gtpc4g18932zw8t3wxmrfkeft5bjck4fh83afp9j8yf9225qr976snbfd33fmwh5dj1madx89xfa8td03s596nxddqerex1f2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 688774
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgAgJEmKvzDDiVAg0Zjbov5OkawqwrGz9XrvMtwdSUh3gJ6Y%2B2pNAsoiVnBSzgWjXEX2Gw0jeM464Td7oZXAqtZAVv0sCwg9Q54yKtPN9PBMsFYg5KPN7dhdqOG5fdcxBs54WlTlZA8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77d07e6e88cc153a-CDG
expires: Wed, 21 Dec 2022 13:06:49 GMT

GET
H2 200 2DA50BA4B30E68896D388657F0DD0AC1D219A23FD4846EB3858E4AF72DA355BD0FC39CAADD135A2255D673E979C674160ED856601426B42C40D9BCDC4D406CF0
assets.ad4m.at/logo/ Frame BEED 49 KB
50 KB 52ms
50ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/2DA50BA4B30E68896D388657F0DD0AC1D219A23FD4846EB3858E4AF72DA355BD0FC39CAADD135A2255D673E979C674160ED856601426B42C40D9BCDC4D406CF0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=d89e175d8c254a969689f41ed526707a%2F3855696903391415344&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpks80yg77dezje4t6x3wzavyb8zz5pmgtj0pgm3v5zgrb4p7ktx948c4tzh4g1hrg36whraa3j02d1j4tp0s6b6wen1jy259we1b23xwskb4rrnem6jzbbzxbpx3z9r33g50h2a2ht4vk02ze021p7a89h30c969gn9kfzrqeyf88bc8gtpc4g18932zw8t3wxmrfkeft5bjck4fh83afp9j8yf9225qr976snbfd33fmwh5dj1madx89xfa8td03s596nxddqerex1f2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e97a16970b3c0282946c73892b6a8b07d8c95c588b6127417176fe1e87f247fb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 653675
cf-polished: origFmt=png, origSize=104051
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50558
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Apr 2020 09:54:02 GMT
server: cloudflare
etag: "7a4502b01881c490069ab2174de5eabb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRdGRIem%2B7BZNJVJXqT9ZWophFEJDjGYpXQaVoG2mJwWrVQ0rMA89jkHdAi8jOoK7JyqOQNrpNqghDpZTq3FpfRX05epaXvb6RFXJCM8T6mpxtcVz5ptj5qF9wTDYbHwgZH9H65Ic2pCBQuY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77d07e6e8fdb99fa-CDG
expires: Thu, 22 Dec 2022 12:06:49 GMT

GET
H2 200 C583719AF39194B61EAFCAF6A06967B3D55BE263D778BD79B1132ABB2E8DA28AB35D210D1DEA343FEBFC9F8569F533294B9D166BCBA43A074CFD3690C41D188A
assets.ad4m.at/product_image/ Frame BEED 43 KB
44 KB 47ms
31ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/C583719AF39194B61EAFCAF6A06967B3D55BE263D778BD79B1132ABB2E8DA28AB35D210D1DEA343FEBFC9F8569F533294B9D166BCBA43A074CFD3690C41D188A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=d89e175d8c254a969689f41ed526707a%2F3855696903391415344&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpks80yg77dezje4t6x3wzavyb8zz5pmgtj0pgm3v5zgrb4p7ktx948c4tzh4g1hrg36whraa3j02d1j4tp0s6b6wen1jy259we1b23xwskb4rrnem6jzbbzxbpx3z9r33g50h2a2ht4vk02ze021p7a89h30c969gn9kfzrqeyf88bc8gtpc4g18932zw8t3wxmrfkeft5bjck4fh83afp9j8yf9225qr976snbfd33fmwh5dj1madx89xfa8td03s596nxddqerex1f2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5118f5fe0ddbf3888d461e29d30d11f6b01b32ef178381d2259dd4bbdd88ebc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2306191
cf-polished: qual=85, origFmt=jpeg, origSize=102472
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44412
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Jul 2021 09:48:28 GMT
server: cloudflare
etag: "d308a34122a97b371964832dabfe9056"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLYvxoOxO8p5LI90itIIuONi%2Blx3bIl4sMYGRFDzf9csISfBMz9XRgl%2FT7uq%2BFD2F5MIW0WC2TbG8PlmMH%2BGhk86IraeEkh6s5LQLpDfmeHbyZS9CXa2eM6NVTGZeW7XMlOZ2dknBCXOojyI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77d07e6eb81e99fa-CDG
expires: Thu, 22 Dec 2022 12:06:49 GMT

GET
H/1.1 200
OK /
vcb.happ-e.fr/ Frame BEED 43 B
2 KB 125ms
37ms Image
image/gif 95.131.136.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcb.happ-e.fr/?t=P4B11756C8631B27&argsite=oneid8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJskoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=d89e175d8c254a969689f41ed526707a%2F3855696903391415344&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpks80yg77dezje4t6x3wzavyb8zz5pmgtj0pgm3v5zgrb4p7ktx948c4tzh4g1hrg36whraa3j02d1j4tp0s6b6wen1jy259we1b23xwskb4rrnem6jzbbzxbpx3z9r33g50h2a2ht4vk02ze021p7a89h30c969gn9kfzrqeyf88bc8gtpc4g18932zw8t3wxmrfkeft5bjck4fh83afp9j8yf9225qr976snbfd33fmwh5dj1madx89xfa8td03s596nxddqerex1f2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.131.136.1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 12:06:49 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0079059600830078
Connection: close
X-TRK-PROC: 45335
Pragma: no-cache
X-TRK-SRV: 1
Server: nginx
Last-Modified: Wed, 21 Dec 2022 12:06:49 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
assets.ad4m.at/logo/ Frame BEED 14 KB
15 KB 47ms
32ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=d89e175d8c254a969689f41ed526707a%2F3855696903391415344&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpks80yg77dezje4t6x3wzavyb8zz5pmgtj0pgm3v5zgrb4p7ktx948c4tzh4g1hrg36whraa3j02d1j4tp0s6b6wen1jy259we1b23xwskb4rrnem6jzbbzxbpx3z9r33g50h2a2ht4vk02ze021p7a89h30c969gn9kfzrqeyf88bc8gtpc4g18932zw8t3wxmrfkeft5bjck4fh83afp9j8yf9225qr976snbfd33fmwh5dj1madx89xfa8td03s596nxddqerex1f2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 752886
cf-polished: qual=85, origFmt=jpeg, origSize=19949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14750
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Jan 2020 09:30:38 GMT
server: cloudflare
etag: "154fb66239e650cf2764a96b35f0d921"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3avYLnQNvVaHIZz0Z4yCV0A60lDyvXTjOcGDdXFib4ywifRhMUpWjTOK2IXXe2Hv%2FwWTpsW9AwDg4r01ZKYgTcxzPR%2FL9qxm2IGfIoKtbASsHjp9Aepnk0ALdo4Ic1qFpua85kgYPXtGSP4y"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77d07e6eb82299fa-CDG
expires: Thu, 22 Dec 2022 12:06:49 GMT

GET
H2 200 F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
assets.ad4m.at/ Frame BEED 274 KB
275 KB 52ms
38ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=d89e175d8c254a969689f41ed526707a%2F3855696903391415344&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpks80yg77dezje4t6x3wzavyb8zz5pmgtj0pgm3v5zgrb4p7ktx948c4tzh4g1hrg36whraa3j02d1j4tp0s6b6wen1jy259we1b23xwskb4rrnem6jzbbzxbpx3z9r33g50h2a2ht4vk02ze021p7a89h30c969gn9kfzrqeyf88bc8gtpc4g18932zw8t3wxmrfkeft5bjck4fh83afp9j8yf9225qr976snbfd33fmwh5dj1madx89xfa8td03s596nxddqerex1f2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1153033
cf-polished: origFmt=png, origSize=547949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280758
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Jan 2020 15:34:15 GMT
server: cloudflare
etag: "f649a1d1393c254187d15397a3ff891b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdqnQ4Lu7%2FDZ4MEKXnZG5IaYujxNaBOPpronOX8dnV%2FECbgNMsJBPXh%2FtUIWGLI%2B0Ud5cUqELJEVxQeDO0I6r2f18%2FYZmWb%2FMdWbheAJ3a8p5uHw42O5bH9MoLFnM8oOzLhH6Ra7NMEg0cXS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77d07e6eb82899fa-CDG
expires: Thu, 22 Dec 2022 12:06:49 GMT

GET
H2

200

img_13_13_23.gif
img.metaffiliation.com/4/58179/ Frame BEED
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

133 KB
133 KB

821ms
239ms

Image
image/gif

192.229.220.129

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=d89e175d8c254a969689f41ed526707a%2F3855696903391415344&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpks80yg77dezje4t6x3wzavyb8zz5pmgtj0pgm3v5zgrb4p7ktx948c4tzh4g1hrg36whraa3j02d1j4tp0s6b6wen1jy259we1b23xwskb4rrnem6jzbbzxbpx3z9r33g50h2a2ht4vk02ze021p7a89h30c969gn9kfzrqeyf88bc8gtpc4g18932zw8t3wxmrfkeft5bjck4fh83afp9j8yf9225qr976snbfd33fmwh5dj1madx89xfa8td03s596nxddqerex1f2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 -, , ASN (),
Reverse DNS
Software: ECAcc (paa/6F7F) /
Resource Hash: 66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:50 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 14:04:52 GMT
server: ECAcc (paa/6F7F)
age: 1036
etag: "5e15e184-21403"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135736

Redirect headers

Date: Wed, 21 Dec 2022 12:06:49 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.012459993362427
Connection: close
X-TRK-PROC: 58179
Pragma: no-cache
X-TRK-SRV: 4
Server: nginx
Last-Modified: Wed, 21 Dec 2022 12:06:49 GMT
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 CB657DFF981908F52026808C3EC67742597371F9C5A62BA0019B93E0EA086B7A50C8442145BDB34CB6C406D282BC422958046D73D8FC4606E85833099551F02F
assets.ad4m.at/logo/ Frame BEED 7 KB
7 KB 49ms
37ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CB657DFF981908F52026808C3EC67742597371F9C5A62BA0019B93E0EA086B7A50C8442145BDB34CB6C406D282BC422958046D73D8FC4606E85833099551F02F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=d89e175d8c254a969689f41ed526707a%2F3855696903391415344&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpks80yg77dezje4t6x3wzavyb8zz5pmgtj0pgm3v5zgrb4p7ktx948c4tzh4g1hrg36whraa3j02d1j4tp0s6b6wen1jy259we1b23xwskb4rrnem6jzbbzxbpx3z9r33g50h2a2ht4vk02ze021p7a89h30c969gn9kfzrqeyf88bc8gtpc4g18932zw8t3wxmrfkeft5bjck4fh83afp9j8yf9225qr976snbfd33fmwh5dj1madx89xfa8td03s596nxddqerex1f2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69af47ae4c1d90831351b53f445bdf076b8991e2e4d543c8edd96d42957d41f3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1671805
cf-polished: origFmt=png, origSize=21356
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7240
cf-bgj: imgq:85,h2pri
last-modified: Fri, 25 Nov 2022 10:24:03 GMT
server: cloudflare
etag: "259405af3fc71c071b3fbf0cd0e617cd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlUKFWp9hOfSeNjd6MQQvfqIYpPXu94HK5no56RbwpW4dFoXxGBQ19cJT2pM%2F15SjXrMnp8uyC3CUSIAwb2qoO3Irkp3lNBHqD3Lx1GE%2F8W%2FUUcc5dUz07NjyV70Ntm8paIIF8wTCj4NnDxk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77d07e6eb82d99fa-CDG
expires: Thu, 22 Dec 2022 12:06:49 GMT

GET
H2 200 4152008FA3D646ED4C833EF42E1D50F4EACE2DEE9918F0C3A01B822A121FE7D49B79F3D604D9BB460422C9933408EB8FC024051051B8566807EA89FBAC66EAE6
assets.ad4m.at/product_image/ Frame BEED 36 KB
37 KB 49ms
37ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/4152008FA3D646ED4C833EF42E1D50F4EACE2DEE9918F0C3A01B822A121FE7D49B79F3D604D9BB460422C9933408EB8FC024051051B8566807EA89FBAC66EAE6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=d89e175d8c254a969689f41ed526707a%2F3855696903391415344&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpks80yg77dezje4t6x3wzavyb8zz5pmgtj0pgm3v5zgrb4p7ktx948c4tzh4g1hrg36whraa3j02d1j4tp0s6b6wen1jy259we1b23xwskb4rrnem6jzbbzxbpx3z9r33g50h2a2ht4vk02ze021p7a89h30c969gn9kfzrqeyf88bc8gtpc4g18932zw8t3wxmrfkeft5bjck4fh83afp9j8yf9225qr976snbfd33fmwh5dj1madx89xfa8td03s596nxddqerex1f2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc567bde2ce90dd90e0d3b0bd59021c45a440a12842354e0e026e4069352265b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 753437
cf-polished: qual=85, origFmt=jpeg, origSize=87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37370
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Sep 2022 13:48:14 GMT
server: cloudflare
etag: "9a6129b7ff41e62364178396f58341a3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQEbacWkLLG7kMPe320uTT1kOUqHqKg0SEyySHaSyizoSp6oBJazrQ4LO78XcbDLAkZlWcVZo9QZer4uJskLsTsJqQcLi3kuKbxcdbDxmNMWqG1ZutUGwsAbwdOf2uj3ZgUOhjZTAT7CFGX2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77d07e6eb83199fa-CDG
expires: Thu, 22 Dec 2022 12:06:49 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame BEED 43 B
702 B 225ms
106ms Image
image/gif 96.16.147.165

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2993007&v=25911&q=423187&r=412871&pv=1&pref3=oneidbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=d89e175d8c254a969689f41ed526707a%2F3855696903391415344&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1671624409139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpks80yg77dezje4t6x3wzavyb8zz5pmgtj0pgm3v5zgrb4p7ktx948c4tzh4g1hrg36whraa3j02d1j4tp0s6b6wen1jy259we1b23xwskb4rrnem6jzbbzxbpx3z9r33g50h2a2ht4vk02ze021p7a89h30c969gn9kfzrqeyf88bc8gtpc4g18932zw8t3wxmrfkeft5bjck4fh83afp9j8yf9225qr976snbfd33fmwh5dj1madx89xfa8td03s596nxddqerex1f2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuAbv1vaiY6ugOoGUygXOtbeoCOLSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCtMN6t-XPsT6oAwGqBMMBT9BvzPl9eFpDphUDWBAn7TGAnxWqAjeXpsK4_QgPG8AKx9eYvUk-k6Oj6UboQQFREevba_iXS4qpbIqHyiYOaMy5PQ60ZJoBvLs0wfx6YijanDbZxYKUxR0dM_IirEhzEEG233zNvysX0FthfmwcxYtDQKL16c-qQ2WilUWG6o1mygeLlwnyGzgo2RdxIEOUEYMgKsKJSxQDM497YVMEtDUPYimO6sC-35k1NMqt9p8vPx3ufIdyf0pW5kVRiE4SGv5cgAb4zIjRx6WxzyOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0LP4Y9ONod2t0wvgJTeU3BO71CnA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.147.165 -, , ASN (),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Dec 2022 12:06:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B19E 13 KB
5 KB 59ms
58ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 37696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 01:38:33 GMT
expires: Thu, 21 Dec 2023 01:38:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7046 783 B
967 B 927ms
265ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ebf98e37afa039259da003695e7bef0844ecc3ec7725d3882cc91cb63226d8a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DCq0vthWDApUKKcSNa9viQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-DCq0vthWDApUKKcSNa9viQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 12:06:50 GMT
expires: Wed, 21 Dec 2022 12:06:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame B19E 36 KB
16 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 20:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 20:49:24 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B19E 0
10 B 41ms
38ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7YPmOA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:06:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 163ms
162ms Image
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=2350679068342467&bg=!kZKlktbNAAYgquz3AKo7ACkAdvg8Wr3qDb6c8uPwwhVhSRNyVJnWQ--E0ikpcuB3GbTtJCladzLcCQIAAACSUgAAAARoAQeZAte4fwm3OEtmJCa18XRS5VmuN99HBNJxdWnCseIUzCHtQm-o2NB9nSUx2g3Hu1DHwYSHxwtZgnPV8X3W9PNPBeFsDmxyNNLF7n_ElXeuGDdplM_T3Te6eB1GGSX0hLqKLV1TT-WaZ_XMLumRn3mA7OGCmS0j-ieCPdmb6ZkqA6Cl5bkpUHXX8GjZ8dOPtIXKgEZSnZ6lTYAdKXM1bRZ30npY3zzsU5tnKC5wNaiDZJB9Op3s7EMA3rrlsFoIGp6LEPJOuCz_ZD2i1OfQA2eZk9-C5zLTgh538lsQn96etJGhLUwqBAl1u1L-OyGAPKZYKd4eCMHoArMG9k504bO3BBPLe8OgU8eENLpF2FqTZDPxDKaO_6l_8g4tUAn58-zuXtrj79vCHsmYrFHYXEEXsq4Hi9uoH-EOg1uwMA8CfIEaNxZZtn79Ho163jD-rKXyFWlJWDrLd6Vv4d9gSku9x-v2Sg5qU3nacidueWq0OL6WeoNaNEkfgAy3ZrjBu8TsdE57tasRF--7EPHxnugPf3P687HCeliozv0jVjmYfci04zOQ2ihqcIPnM-H8851ossbkiKZPVuOwWovoJGIoMMb1jSAqrYmPohgEthE9PRVkxG4SKvESfVzd-sk2dzDgpVgIjgehjfbDXgAoaThlAHHA0c-tsMdkQOU6QjoKY5MZeDKBWQl7cb4OxsvU8gN5wy3Wki4GQAfY31vV-KPLqzg918JYE51QJ6RjEkg3bYXgokAhRZF_Wex3Czd-2RH_4dXwGek8c91Nqz2IEKoLAGmrodNM_IPZebjnNVZR2lV1yLXFF3RINtX3vxUG1fUBJv0Lc-8qwUSMwba1BQCcDP6eQmu39nmTxA1hd8B-1Zc57e06Ah674AlWQ3DD9E5Y9S8VniAN-8kfiJjfb9AW4nxIH3QTli0vyura25BnvHvq3Yom7QtnQvblyLdI0pP9qz3ClTimMHUW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7046 0
0 77ms
73ms Image
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=2350679068342467&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ngembassy.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 658dcf6b4d9252ee9c1790fc355d9c6c
.ngembassy.info/	1970-01-20 17:56:24	Name: _ga_6HX21LM9FM Value: GS1.1.1671624405.1.0.1671624405.0.0.0
.ngembassy.info/	1970-01-20 17:56:24	Name: _ga Value: GA1.1.1195666794.1671624406
.ngembassy.info/	1970-01-20 17:42:00	Name: __gads Value: ID=6196c117ac5fcd73-229fd67b34da008d:T=1671624406:RT=1671624406:S=ALNI_MYqHcaUV2VlehDqnl0rNzgyVXlT_A
.ngembassy.info/	1970-01-20 17:42:00	Name: __gpi Value: UID=00000b95b1d59c5a:T=1671624406:RT=1671624406:S=ALNI_Mbhk3PWMUVe-fau-x0FaPz65dHbIQ
.doubleclick.net/	1970-01-20 17:42:00	Name: IDE Value: AHWqTUl7DDjDQXOm5HoU-RZTNlh8nBXD_CKFDQU2lNIFTm5QKySIU7YUbFv0sCbxPKA
.travelaudience.com/	1970-01-20 17:50:38	Name: _tracker Value: %7B%22UUID%22%3A%2285D3C69D-2F9B-4F58-8DD6-9521B5E731C7%22%7D
.adfarm1.adition.com/	1970-01-20 10:30:00	Name: UserID1 Value: 7179572163572267156
.quantserve.com/	1970-01-20 10:30:00	Name: d Value: EFEBCQHuJ4EA
.quantserve.com/	1970-01-20 17:50:38	Name: mc Value: 63a2f6d8-bab4f-749fd-7e16d
.agkn.com/	1970-01-20 17:06:00	Name: ab Value: 0001%3AoFbQHW6443UjHgr8q6BiMC4hXAYw9K6x
.agkn.com/	1970-01-20 17:06:00	Name: u Value: C\|0CEArNbNYKzWzWAAAAAAAAQ13AQCAAQpAAAAAAA
.yahoo.com/	1970-01-20 17:06:22	Name: A3 Value: d=AQABBNj2omMCEKdXf4yGEumHg0aQDgqvgDQFEgEBAQFIpGOsYwAAAAAA_eMAAA&S=AQAAAnUThK0Ks8Rztcjz1G4PcYo
.blismedia.com/	1970-01-20 17:06:04	Name: b Value: 63A2F6D832E50AE28BAD9896BLIS
.casalemedia.com/	1970-01-20 17:06:00	Name: CMID Value: Y6L22Pt7X8cWQxEV8gw3zgAA
.casalemedia.com/	1970-01-20 10:30:00	Name: CMPS Value: 1206
.casalemedia.com/	1970-01-20 10:30:00	Name: CMPRO Value: 1206
.everesttech.net/	1970-01-20 17:06:00	Name: everest_g_v2 Value: g_surferid~Y6L22AAFn5xnugAZ
ads.travelaudience.com/	1970-01-20 17:50:38	Name: _tracker Value: %7B%22UUID%22%3A%2285D3C69D-2F9B-4F58-8DD6-9521B5E731C7%22%7D
.doubleclick.net/	1970-01-20 08:20:28	Name: DSID Value: NO_DATA
.simpli.fi/	1970-01-20 17:07:26	Name: suid Value: A4056046EBAE4123A58060F1D7F7C4FB
.adform.net/	1970-01-20 09:05:02	Name: C Value: 1
.casalemedia.com/	1970-01-20 10:30:00	Name: CMTS Value: 3367
.1rx.io/	1970-01-20 17:06:00	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-3610815c-0b01-4fe6-bc9b-8be0b9a63fc6-003%22%7D
.adform.net/	1970-01-20 09:46:48	Name: uid Value: 3799736276571521138
.tribalfusion.com/	1970-01-20 10:30:00	Name: ANON_ID Value: ahntmIm5ab7AyuoCUkEWRlYqZbs3O2q4FbvtEmvypJ9g2G3Bu7hU1uovqIuG8h7NhUIEV2QNQbMMAdPVZdb7XEVjfV
.targeting.unrulymedia.com/	1970-01-20 17:06:00	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-3610815c-0b01-4fe6-bc9b-8be0b9a63fc6-003%22%7D
.w55c.net/	1970-01-20 17:50:38	Name: wfivefivec Value: B4jmYFo41P7XS15
.happ-e.fr/	1970-01-20 09:46:48	Name: kwknc_ssc Value: dp4b11756c8631b27-b25laWQ4TUVjRGZycHRnRUpoZ0hKSEV0eHRRREdmUFR3VDhKSnNrb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.happ-e.fr/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp4b11756c8631b27-b25laWQ4TUVjRGZycHRnRUpoZ0hKSEV0eHRRREdmUFR3VDhKSnNrb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.happ-e.fr/	1970-01-20 09:46:48	Name: neta_ssc Value: f262f40jecgelhtu5jqvew1ilu1i
.happ-e.fr/	1969-12-31 23:59:59	Name: netases_ssc Value: f262f40jecgelhtu5jqvew1ilu1i
.metaffiliation.com/	1970-01-20 09:46:48	Name: kwknc_ssc Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.metaffiliation.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.metaffiliation.com/	1970-01-20 09:46:48	Name: neta_ssc Value: 615df40jecgfest5zd18spcj3u47
.metaffiliation.com/	1969-12-31 23:59:59	Name: netases_ssc Value: 615df40jecgfest5zd18spcj3u47
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 423187:2993007
.w55c.net/	1970-01-20 09:03:36	Name: matchgoogle Value: 5
.awin1.com/	1970-01-20 08:23:17	Name: awpv25911 Value: 412871\|1671624409\|f2ce7e00-8127-11ed-af39-22634e1a9496

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
action.metaffiliation.com
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.fr
as.ad4m.at
assets.ad4m.at
c1.adform.net
cdn.ckeditor.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
d5p.de17a.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.metaffiliation.com
match.adsrvr.org
ngembassy.info
ngembassy.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
region1.google-analytics.com
s.tribalfusion.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
vcb.happ-e.fr
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
103.72.77.63
142.250.185.66
151.101.130.49
172.64.154.237
185.86.137.121
192.229.220.129
2001:4860:4802:32::36
205.234.175.175
213.155.156.181
213.19.147.44
2600:1901:0:76b9::
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700::6812:19ad
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::2008
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:400d:803::2002
2a00:1450:400d:80a::2001
2a05:d018:d29:3605:749a:6a0e:3033:c14
3.124.162.93
34.96.105.8
35.190.0.66
35.204.74.118
37.157.4.28
51.89.9.254
52.223.40.198
54.186.226.179
69.173.144.139
85.114.159.93
95.131.136.1
96.16.147.165
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
00eb6ce2456c0dd817a87b3e7f7934ddcd91a2b29f304d1cd98cf319b4a38306
03b028ab20adf9f77486fd1e7d5df7ef02757d1d7585f58b170d7152e7c3b13a
0505bdac187042bc6464b2c20c1ca0a015ccb472bed41ab4aa7fde845a94be9b
0a3bb1e382060c6999c26faac38aed7e3d6cc03f7376a9a36b881a7e5ba923ca
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c784ab8201666c15d8623bcd62c5ca50db4df206744a44bc14e4bb05afc0210
14e8ff6d39adcaf4db1b200db29915a4a00744f27fd10614ef6f49949f534edc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18b77da7e870a0480176c4915ff1ca72f8ba3957abcf34ed4b8239c9de0ffcd5
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
267a83092a5fd6ec5fb746bce12d440abd37f1d649c072f653e17d0c800eb647
287ade58ca7648339a3c29f8350d8ea7f8962509c89b31a9acb7b29c756c95f6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32c983a4b3b87d8f7eafa40840c8791351a593c869a3029d8b7356a8cf6d2a94
3adccfa5b774913e80a67db5207766fa47dbaeac507a9a103d764f490525b25b
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4736672260ab0cf94ad37de85f33a0c5aeb75d70320fc6480956680a1ef41f31
47bca8f26cf489a5d8e508b0ff24a9e58fe3eb2366c21524ac80c0dcb6a7811c
49d6395dafa4c3ab60f2caab2b5e969f65da69e9000136063371ca9c229c80e4
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4b43924b55481613b8536446f4fe4ad13b80a63f265ba25830614555b08d68fc
4b83b35df3f793b6baf4d1ac5fade634bb1a9dae7532bf91842d9f7fcf1def5a
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5023f4a83c16faddcebcd52253db66b33cbc2e1d52734ab9e144341481b6f8f4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a32cd3aa02ede12a27bff30307abee7970cbc2f0e3410ef14176d09a1db15e
56f34b43fb8336e4ed54bb9c8c44779ba971aeecd30552ccb65ac3cb7bb21dab
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
60c164424abde358e938029a68de77e36b320e8833b64cd83a97ce0cad65322f
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64f79775d7d3b686745c69773aafe73e69c16ec1514ba21b76886df78010474d
6657a7d3ac4506ce3b0ca9234df4f63b6bff8e94e92f21f9d77921b166fc6925
6699801ca1980cf2d479f40a56feb5c7c705272809e1cde4bcc6d1d6c34f690a
66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c
685454498ab464c992327759a925959c1360d694f00f18f7fc951c7abd63c0a9
69af47ae4c1d90831351b53f445bdf076b8991e2e4d543c8edd96d42957d41f3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
733424e6ef37f9e0116ccb9fb7102ee52e38fd32121411d01a91c7c5b776e4e1
733e4cb500204abc1519a76fbd8cae3fc21710d17d092820e7a00585a0441e0d
745fac9a3aa1207923214812688a1142faf1815b0cd31e3dd1668fa22f3aa337
7c9f4fd72e7f700a29c813e03b8bd94d77385cb2ce3d22e8c64a0ed6351e34be
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
889087766998e260a22f5c5ccbc7f2e03b168c780bcd7a922b66581241a3ecad
89966b7626c91cec9320b8ce54ae79db5de05e602b578475fd748e0ea042c35d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
9730fbde9ce805bcadb096de2dd86e0205dd5a87b3ab6b0433e65873d63d428c
981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c3bbc287351498e006c137a73fbc38ffaee30c4097f953341dda1265864ed4c
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a103c9f033863dc4bfd397f87a47fc652b7d6c8fb3278e2bdb0f30c963601d99
a465c2b392ca9403d32273b784cb9b54beb66a6e3ef31675c871885b7b0750c4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4dca1bbcb59b4350f62649a56a672f8a392676904cc7d7e50ac5027a4667db8
a58091f89f887419568e3fb01d7af0345757db9c225040f1493a4238ad161b0e
a611eeac1a9d8bfd87c5a827d376f84dd2f9804dbe00dc445a26006cce941c8a
a69d282071d6718929c2115e5220aeb7537c3affe7a04ee35ae814eac245574c
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
ad66e2d19f1d38994be226e5f1ce36cb3b366370fd36f5be004f8727454bf8ab
b4a362825819748d4f6fb35d34163930860d448b2f23e0860b7d4ba42636a710
b5b3899d929eeac4e8e12c8b8b95152cfbbcbe5b306c5180100af6819d416ff0
b88e2b045e3c6cb809fe254fb2fc1828639ed5ef95ce4fba582da56a693efd9c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc567bde2ce90dd90e0d3b0bd59021c45a440a12842354e0e026e4069352265b
bd09f7ea8a6c1725645e239c7af721bb0ab09d6b81cd04a61b9075b7f92636fb
c16ce1c562a94558b9ef3c5047912c52b7d7864ba3198d39fafb8eaf87ccfa56
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c5118f5fe0ddbf3888d461e29d30d11f6b01b32ef178381d2259dd4bbdd88ebc
c6d209ce80af1a13e14a1d75f7311497df5f97de026bfa12295186dffdfdb1f5
ccb415e54af1fbb92f30d06069c7b0d85cc0334380adf7986d67984535261802
d505f4211d7f7d645c45c7857fbcc72be99b6536a79784eb4ee18cf482c429b7
d6580193a70eaf67c20cca0c971ccf6d8fc4d13638f7e2c1184f4f24ccbdbdfd
dc57a413d6bfd7f70b10453e990af4389e9e6f08c2b58aa30097d855e6260f52
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2
e97a16970b3c0282946c73892b6a8b07d8c95c588b6127417176fe1e87f247fb
eb526413fa4f05bc700fd9b2ab193b246198d0ec5321355e9935b074a4ed6df0
ebf98e37afa039259da003695e7bef0844ecc3ec7725d3882cc91cb63226d8a8
ed095d981ae69ec26e3c306723923c728404e3430b22f02a8cdf9aa84810acb3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f7534a3e962da708c7b8a3b5f122669e4688a1c17f86e9fdb1b2684edca4f351

ngembassy.info Open in urlscan Pro 103.72.77.63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

206 Requests

92 %HTTPS

49 %IPv6

37 Domains

46 Subdomains

31 IPs

6 Countries

3030 kBTransfer

6958 kBSize

39 Cookies

1 Outgoing links

Page URL History

Redirected requests

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ngembassy.info Open in urlscan Pro
103.72.77.63 Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

92 %
HTTPS

49 %
IPv6

37
Domains

46
Subdomains

31
IPs

6
Countries

3030 kB
Transfer

6958 kB
Size

39
Cookies

206 HTTP transactions
13 data transactions