robot.wizlink.eu Open in urlscan Pro
85.128.138.250 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://appurl.io/auw7TFkmL_
Effective URL:
https://robot.wizlink.eu/wp-admin/user/fr/
Submission: On October 23 via manual (October 23rd 2023, 8:20:11 am UTC) from FR — Scanned from FR

Summary HTTP 58 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 58 HTTP transactions. The main IP is 85.128.138.250, located in Poland and belongs to NAZWA, PL. The main domain is robot.wizlink.eu.
TLS certificate: Issued by nazwaSSL on April 28th 2023. Valid for: a year.

This is the only time robot.wizlink.eu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: FR Government (Government) Impots Gouv (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700:20:... 2606:4700:20::681a:ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 2	85.128.138.250 85.128.138.250	15967 (NAZWA) (NAZWA)
8	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
58	15

7 2606:4700:20::681a:ed (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

appurl.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.128.138.250 (Poland) 1 redirects

ASN15967 (NAZWA, PL)
PTR: shared-akg250.rev.nazwa.pl

robot.wizlink.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	299 KB
8	gstatic.com www.gstatic.com	48 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	136 KB
7	appurl.io 1 redirects appurl.io — Cisco Umbrella Rank: 872164	39 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	5 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	118 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	21 KB
2	wizlink.eu 1 redirects robot.wizlink.eu	154 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1183	26 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	597 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	82 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 925	23 KB
58	12

	Domain	Requested by
14	tpc.googlesyndication.com	googleads.g.doubleclick.net
8	www.gstatic.com	googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	appurl.io	1 redirects appurl.io
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	pagead2.googlesyndication.com	appurl.io pagead2.googlesyndication.com www.googletagservices.com
2	robot.wizlink.eu	1 redirects appurl.io
2	www.google-analytics.com	appurl.io www.google-analytics.com
2	maxcdn.bootstrapcdn.com	appurl.io
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	code.jquery.com	appurl.io
58	14

This site contains links to these domains. Also see Links.

Domain
www.impots.gouv.fr
browsehappy.com
www.accepterlescookies.com
play.test.google.com
app.franceconnect.gouv.fr
www.telepaiement.dgfip.finances.gouv.fr
cfspart.impots.gouv.fr

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-24` - `2024-04-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.wizlink.eu nazwaSSL	`2023-04-28` - `2024-04-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://robot.wizlink.eu/wp-admin/user/fr/
Frame ID: 5DA13B09BD30B904341641B10E03FBC6
Requests: 25 HTTP requests in this frame

Frame: https://appurl.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
Frame ID: BA272C46B0BF8231951B6EB943EF16D1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/zrt_lookup.html
Frame ID: B98E200B416E19FDA9654B907F2B2C1B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&h=280&slotname=1787055170&adk=646328967&adf=4134371643&pi=t.ma~as.1787055170&w=660&fwrn=4&fwrnh=100&lmt=1697543950&rafmt=1&format=660x280&url=https%3A%2F%2Fappurl.io%2Fauw7TFkmL_&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698049206846&bpp=10&bdt=464&idt=253&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&correlator=2240197252143&frm=20&pv=2&ga_vid=2093564061.1698049207&ga_sid=1698049207&ga_hid=1830112199&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=470&ady=590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C42532334%2C44795921%2C44805112%2C44805533%2C44805680%2C44805918%2C44805934%2C31078301%2C44800659&oid=2&pvsid=2489309812890847&tmod=1971440708&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QyKYmY54jp&p=https%3A//appurl.io&dtd=276
Frame ID: DADBBD330E97FE323438C4D3FFAFC55A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&adk=1812271804&adf=3025194257&lmt=1697543950&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fappurl.io%2Fauw7TFkmL_&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698049206885&bpp=4&bdt=503&idt=248&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=660x280&nras=1&correlator=2240197252143&frm=20&pv=1&ga_vid=2093564061.1698049207&ga_sid=1698049207&ga_hid=1830112199&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C42532334%2C44795921%2C44805112%2C44805533%2C44805680%2C44805918%2C44805934%2C31078301%2C44800659&oid=2&pvsid=2489309812890847&tmod=1971440708&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=269
Frame ID: 6B0865EF4C40201FA483E396C44670F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1
Frame ID: FD95581E73123C227A3336BCBE9E53A2
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8A46BADEC246FD98E9A6D9F3E55862A3
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 266573DDBB959A3339FEC39C35927CA4
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Frame ID: C9293487841D60AD7BEE0FC34ABA28E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Frame ID: 33927BA44088339D7E2E4BC1465C4387
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Frame ID: 99BF740398B79B3C6A343D12F51F41CE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Particuliers | authentification

Page URL History Show full URLs

https://appurl.io/auw7TFkmL_ Page URL
https://robot.wizlink.eu/wp-admin/user/fr HTTP 301
https://robot.wizlink.eu/wp-admin/user/fr/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58
Requests

93 %
HTTPS

93 %
IPv6

12
Domains

14
Subdomains

15
IPs

3
Countries

1062 kB
Transfer

3222 kB
Size

8
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.impots.gouv.fr/portail/particulier/questions/quelle-configuration-doit-avoir-mon-ordinateur
Title: celle requise par la DGFiP

Search URL Search Domain Scan URL

URL: https://browsehappy.com/
Title: une version plus récente ou un autre navigateur

Search URL Search Domain Scan URL

URL: http://www.accepterlescookies.com/
Title: accepter les cookies.

Search URL Search Domain Scan URL

URL: https://play.test.google.com/store/apps/details?id=fr.gouv.finances.smartphone.android

Search URL Search Domain Scan URL

URL: https://www.impots.gouv.fr/
Title: Accueil impots.gouv.FR

Search URL Search Domain Scan URL

URL: https://app.franceconnect.gouv.fr/en-savoir-plus
Title: Qu'est-ce que FranceConnect?

Search URL Search Domain Scan URL

URL: https://www.telepaiement.dgfip.finances.gouv.fr/stl/redirectPart.htm
Title: Payer en ligne

Search URL Search Domain Scan URL

URL: https://www.impots.gouv.fr/portail/particulier/questions/jai-egare-les-identifiants-dacces-mon-espace-particulier-comment-puis-je-les-0
Title: ou sur vos avis

Search URL Search Domain Scan URL

URL: https://www.impots.gouv.fr/portail/contacts?4950
Title: centre des Finances publiques .

Search URL Search Domain Scan URL

URL: https://www.impots.gouv.fr/portail/contacts?4949
Title: centre des Finances publiques .

Search URL Search Domain Scan URL

URL: https://www.impots.gouv.fr/portail/contacts
Title: centre des Finances publiques .

Search URL Search Domain Scan URL

URL: https://cfspart.impots.gouv.fr/
Title: impots.gouv.fr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://appurl.io/auw7TFkmL_ Page URL
https://robot.wizlink.eu/wp-admin/user/fr HTTP 301
https://robot.wizlink.eu/wp-admin/user/fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://appurl.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://appurl.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

58 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 auw7TFkmL_ Show response
appurl.io/ 6 KB
3 KB 325ms
269ms Document
text/html 2606:4700:20::681a:ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appurl.io/auw7TFkmL_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5dfbd0e4ddbacabba423425819e239c8ae4d2105b7fcba6df5c824c3ede2809

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: max-age=60
cf-cache-status: DYNAMIC
cf-ray: 81a88f129faa0222-CDG
content-encoding: br
content-type: text/html
date: Mon, 23 Oct 2023 08:20:06 GMT
last-modified: Tue, 17 Oct 2023 13:59:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ke%2F8hHZ6V2QwprktjVkgjM07qyBJepDbGKGE%2Bm9aRRJDsi%2B30D4z%2Bcl8JzpV0K73qi5537LifcY3Kpdm9Dawsr%2FuRKE7xWH8KkvvVt2cuDhZEJx%2FnduMEiN67olVG7gIajD9dX66g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 da7c369ddd47be9fe24a924ca2788c8e.cloudfront.net (CloudFront)
x-amz-cf-id: kYg0gZpnXr12VuEzmUcZxPEFMa2FkdLq8tnnJD17Xtb8YWVbF3OFbg==
x-amz-cf-pop: CDG50-C1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: GOBJS00T.d13vgArjnZGXq81XMxVZHAW
x-cache: RefreshHit from cloudfront

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 77ms
31ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: appurl.io
URL: https://appurl.io/auw7TFkmL_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 08:20:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1073
age: 19711893
cdn-cachedat: 12/25/2022 15:18:49
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a861247b0714121d267aeedd0fbf7d9c
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 81a88f1439570348-CDG
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 78ms
32ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: appurl.io
URL: https://appurl.io/auw7TFkmL_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 08:20:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 946
age: 26516143
cdn-cachedat: 07/16/2022 17:19:38
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"0831cba6a670e405168b84aa20798347"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 6d37eafbfe3bcd69abe0a05b1db36756
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 81a88f1439550348-CDG
cdn-requestpullsuccess: True

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 193ms
131ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: appurl.io
URL: https://appurl.io/auw7TFkmL_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83b3125e5d4dc104ef156609151808f8a5dcb3ce4b04a688cf32385bef1938f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 08:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51379
x-xss-protection: 0
server: cafe
etag: 13757588588288934888
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 08:20:06 GMT

GET
H2 200 appurl-logo.png
appurl.io/images/ 23 KB
24 KB 36ms
36ms Image
image/webp 2606:4700:20::681a:ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://appurl.io/images/appurl-logo.png
Requested by: Host: appurl.io
URL: https://appurl.io/auw7TFkmL_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0cca353da10587986b5da53a4ed0391880809af5c1101f3047b5fc5e3383742

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://appurl.io/auw7TFkmL_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 08:20:06 GMT
via: 1.1 c7ffc8c2f7641416c27e36a054b5f74a.cloudfront.net (CloudFront)
x-amz-version-id: 7yXkJHZznTRQiEpUtdjqKx4EVy7qQMwS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 886
x-amz-cf-pop: CDG50-C1
cf-polished: origFmt=png, origSize=25721
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="appurl-logo.webp"
content-length: 23746
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Dec 2021 22:04:29 GMT
server: cloudflare
etag: "85b2e8868db81fa9a39b35a70edc31e0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whGF5G2Fe%2FIN8oiuUDDPlaqlDlqCtu1LE3itbsNbLKVpfEbOAIKTBbHjh%2FouQ3isJTmo%2B1BmTwBHHEaVloqMCBgi2McAVjBkcA%2FzXLsr7Z6gVZ9CYkbSRoERCsyQkHTwt2Zcy8it1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81a88f13f9ba0222-CDG
x-amz-cf-id: WDSM8VIzwv49D3a92wu40wWnkUDN9g-6F9drcUCqTGX5sWgiikyXyw==

GET
H2 200 jquery-3.1.1.slim.min.js Show response
code.jquery.com/ 68 KB
23 KB 65ms
17ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.slim.min.js
Requested by: Host: appurl.io
URL: https://appurl.io/auw7TFkmL_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fd222b36abfc87a406283b8da0b180e22adeb7e9327ac0a41c6cd5514574b217

Request headers

Referer: https://appurl.io/
Origin: https://appurl.io
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 08:20:06 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3248588
x-cache: HIT, HIT
content-length: 23709
x-served-by: cache-lga21978-LGA, cache-lcy-eglc8600071-LCY
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1698049206.437584,VS0,VE0
etag: W/"28feccc0-10ebd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 33, 1076

GET
H2 200 ua-parser-min.js Show response
appurl.io/javascripts/vendor/min/ 10 KB
5 KB 35ms
34ms Script
text/javascript 2606:4700:20::681a:ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appurl.io/javascripts/vendor/min/ua-parser-min.js
Requested by: Host: appurl.io
URL: https://appurl.io/auw7TFkmL_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4a1e8dfe89632088e1ec8147765e5a1faf08f7414ede4c9f3cce701f8b85b2f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://appurl.io/auw7TFkmL_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 08:20:06 GMT
x-amz-version-id: null
via: 1.1 4ab6741feebe4ae20194f9a14d724e64.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P4
age: 3997
content-encoding: br
x-cache: Hit from cloudfront
last-modified: Mon, 07 Nov 2016 12:40:40 GMT
server: cloudflare
etag: W/"bb04355ce387383532230a11c09091aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=im%2FdF%2Fjgwh7Lz%2BnUJJMpSqm3DBtio3kojqspCfrRDs2PTt6bUG%2BAYlGZvv2Gu3p5ydEs6klm%2FG1fFJt3KTDVkX05axlx7nzU2DokOT0T3b4yxQ0x%2BQItTN28QzFKUXlO6fi9YGKE3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 81a88f142a1b0222-CDG
x-amz-cf-id: 9yd8A2Loyt8ZrotBNUbUq00aFusnxsLYCbZ75gpZw0GsIXM79WU0Yg==

GET
H2 200 redirect-min.js Show response
appurl.io/javascripts/min/ 3 KB
2 KB 39ms
39ms Script
application/javascript 2606:4700:20::681a:ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appurl.io/javascripts/min/redirect-min.js?version=1.0.0.1697551149440
Requested by: Host: appurl.io
URL: https://appurl.io/auw7TFkmL_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e41a7428c89d172ea125c6b0bd7a3e04250d8a949f82a4dd7d8f84586192aa8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://appurl.io/auw7TFkmL_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 08:20:06 GMT
x-amz-version-id: 9M7B3iVhOibLRAgQIfsmO4Iy653N6J.p
via: 1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG50-C1
age: 5432
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 01 Feb 2021 01:26:50 GMT
server: cloudflare
etag: W/"10bb0164a9f84b027874e3f0efbe4b45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekAxV3I2IdkOI5NlOdkpTAi55Hz7okWnVsKnoQSZM6eKYcZgaCiJ%2Be8sFtj3HMDNQLRZyUYfRRtyeauLPcDFdvUDQbZpEbHpy02G%2FdLzITdzHgWSTo1%2F9uA8wH6zzvAX2fw9kwKtpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81a88f146a920222-CDG
x-amz-cf-id: gopHNHkUROixp9fGJy9BxmjuIi0-CDYvcKp7hML1ucrHIU6diOwbVQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 89ms
26ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: appurl.io
URL: https://appurl.io/auw7TFkmL_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 23 Oct 2023 07:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1713
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 23 Oct 2023 09:51:33 GMT

GET
H2

200

main.js Show response
appurl.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/ Frame BA27
Redirect Chain

https://appurl.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://appurl.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

7 KB
4 KB

25ms
25ms

Script
application/javascript

2606:4700:20::681a:ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://appurl.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

Requested by

Host: appurl.io
URL: https://appurl.io/auw7TFkmL_

Protocol

Server

2606:4700:20::681a:ed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57a484c41d2eda21a624d52faaea57d7c380e64137d456efc943870baffb860c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 08:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72IgXs2JjQZAMdXiRzodgzRMcPwKAw7oStcfYOljw3bSyocfs8RDPvscZgrkJbl91F8hkVUXcVKnxv8MSGnQX7wG2TgZBuBdsTbZ7XluxfuKVzcTWtQCbFN%2BqsQtzRrxWkH8pr35gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 81a88f150bbd0222-CDG

Redirect headers

date: Mon, 23 Oct 2023 08:20:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=L5mvF0DbVUWvVkZkWOMMsdTCaeEdp.oUaJxqDa3ELjQ-1698049206-0-AUrJq321V0AFpEshAa6TcE6RlofYOK4uJ1aiIIbQsmijExWXYzGc_Gnh7b4dm1cqxBeHNNQIa_ejrehLV7m4lAXy7ICQK2Fihk5qSXnkaU9dED83YRkuVPABe52g6YdmEm9bmIV0sn9ko74nrcWVzmc; report-to cf-csp-endpoint
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBbhCZ7PaixEfC2sI0zRcif4wjm772uyd1xcKvikMVZmTfgyJpiWWxZJsZJOptnRFF66iSTme3FWLH8tZtn95VqToh%2BwitGyBCM9j7Jw7V7mtu33eC2H7FpZeFYPpRFqf2wanydEOg%3D%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=L5mvF0DbVUWvVkZkWOMMsdTCaeEdp.oUaJxqDa3ELjQ-1698049206-0-AUrJq321V0AFpEshAa6TcE6RlofYOK4uJ1aiIIbQsmijExWXYzGc_Gnh7b4dm1cqxBeHNNQIa_ejrehLV7m4lAXy7ICQK2Fihk5qSXnkaU9dED83YRkuVPABe52g6YdmEm9bmIV0sn9ko74nrcWVzmc"}],"group":"cf-csp-endpoint","max_age":86400}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
cache-control: max-age=300, public
cf-ray: 81a88f14db8d0222-CDG

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
217 B 34ms
33ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1830112199&t=pageview&_s=1&dl=https%3A%2F%2Fappurl.io%2Fauw7TFkmL_&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=428864780&gjid=1044167317&cid=2093564061.1698049207&tid=UA-1416913-22&_gid=1977254086.1698049207&_r=1&_slc=1&z=753728573

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f8e703adf731c76be52f8ed94756940446a493cfb92f14a5432c33db5b2a7a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://appurl.io/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 08:20:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://appurl.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 81a88f129faa0222 Show response
appurl.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame BA27 0
456 B 71ms
62ms XHR
text/plain 2606:4700:20::681a:ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appurl.io/cdn-cgi/challenge-platform/h/b/jsd/r/81a88f129faa0222
Requested by: Host: appurl.io
URL: https://appurl.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 23 Oct 2023 08:20:06 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81a88f165dfb0222-CDG
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eK8c%2B8QsRNaeKGQC%2FJ6MU%2Bn3SZ22hxuMKjaE323vF2pDD5ABY9mPFd%2BZqBnr2Di%2Fcs2C8h2PM7z3Xlnb5wQP2Rz%2F2zjZ0CZ8SKi2%2BxIv5FIfLWr0jrfIn3RjgcU51UV4TyhHt09sTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
82 KB 119ms
44ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L4PYPET04L&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ab011001346bd304410728fefe89a669df4051948f73ff836290fd78c6d6591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 08:20:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83484
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 23 Oct 2023 08:20:06 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/ 394 KB
134 KB 96ms
94ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6503947100737582&plah=appurl.io

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7275c9d3e3664554c1a415d72fd8f03862cb4ee051c43bf810ae8b56864fd01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 08:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136823
x-xss-protection: 0
server: cafe
etag: 16333552313582771955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 08:20:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/ Frame B98E 10 KB
5 KB 106ms
26ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 50889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Oct 2023 18:11:57 GMT
etag: 4569948109300706969
expires: Sun, 05 Nov 2023 18:11:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 74ms
24ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L4PYPET04L&gtm=45je3ai0&_p=1830112199&ul=en-us&sr=1600x1200&cid=2093564061.1698049207&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fappurl.io%2Fauw7TFkmL_&sid=1698049206&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L4PYPET04L&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 08:20:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://appurl.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js
partner.googleadservices.com/gampad/ 385 B
597 B 298ms
225ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=appurl.io&callback=_gfp_s_&client=ca-pub-6503947100737582

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6503947100737582&plah=appurl.io

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 08:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245
x-xss-protection: 0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame DADB 127 KB
42 KB 1024ms
1023ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&h=280&slotname=1787055170&adk=646328967&adf=4134371643&pi=t.ma~as.1787055170&w=660&fwrn=4&fwrnh=100&lmt=1697543950&rafmt=1&format=660x280&url=https%3A%2F%2Fappurl.io%2Fauw7TFkmL_&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698049206846&bpp=10&bdt=464&idt=253&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&correlator=2240197252143&frm=20&pv=2&ga_vid=2093564061.1698049207&ga_sid=1698049207&ga_hid=1830112199&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=470&ady=590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C42532334%2C44795921%2C44805112%2C44805533%2C44805680%2C44805918%2C44805934%2C31078301%2C44800659&oid=2&pvsid=2489309812890847&tmod=1971440708&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QyKYmY54jp&p=https%3A//appurl.io&dtd=276

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42306
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 08:20:08 GMT
expires: Mon, 23 Oct 2023 08:20:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6B08 360 KB
81 KB 757ms
757ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&adk=1812271804&adf=3025194257&lmt=1697543950&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fappurl.io%2Fauw7TFkmL_&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698049206885&bpp=4&bdt=503&idt=248&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=660x280&nras=1&correlator=2240197252143&frm=20&pv=1&ga_vid=2093564061.1698049207&ga_sid=1698049207&ga_hid=1830112199&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C42532334%2C44795921%2C44805112%2C44805533%2C44805680%2C44805918%2C44805934%2C31078301%2C44800659&oid=2&pvsid=2489309812890847&tmod=1971440708&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=269

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 82943
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 08:20:07 GMT
expires: Mon, 23 Oct 2023 08:20:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

Primary Request / Show response
robot.wizlink.eu/wp-admin/user/fr/
Redirect Chain

https://robot.wizlink.eu/wp-admin/user/fr
https://robot.wizlink.eu/wp-admin/user/fr/

423 KB
154 KB

928ms
927ms

Document
text/html

85.128.138.250
NAZWA

General

Check archive.org

Show headers Download Go to

Full URL: https://robot.wizlink.eu/wp-admin/user/fr/
Requested by: Host: appurl.io
URL: https://appurl.io/javascripts/min/redirect-min.js?version=1.0.0.1697551149440
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.128.138.250 , Poland, ASN15967 (NAZWA, PL),
Reverse DNS: shared-akg250.rev.nazwa.pl
Software: Apache/2 /
Resource Hash: fbfbeba2efbe209c8b67b37fdc325b572d728eb77ce7d1084e25fe15f489e744

Request headers

Referer: https://appurl.io/auw7TFkmL_
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 23 Oct 2023 08:20:08 GMT
server: Apache/2
vary: Accept-Encoding
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-policyused: cdn=disabled

Redirect headers

content-length: 250
content-type: text/html; charset=iso-8859-1
date: Mon, 23 Oct 2023 08:20:07 GMT
location: https://robot.wizlink.eu/wp-admin/user/fr/
server: Apache/2
x-cdn-nazwa.pl-location: AMS
x-cdn-nazwa.pl-policyused: cdn=disabled

GET
H3 200 reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/ 159 KB
54 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 08:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55346
x-xss-protection: 0
server: cafe
etag: 10020892338433289794
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 08:20:08 GMT

GET
H3 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/ Frame FD95 10 KB
4 KB 27ms
26ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 51118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Oct 2023 18:08:10 GMT
etag: 4569948109300706969
expires: Sun, 05 Nov 2023 18:08:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/ Frame 8A46 10 KB
4 KB 28ms
27ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 51118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Oct 2023 18:08:10 GMT
etag: 4569948109300706969
expires: Sun, 05 Nov 2023 18:08:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 88cf7d8f92971695aa333eeba8ca195d.js
www.gstatic.com/mysidia/ Frame DADB 9 KB
4 KB 106ms
25ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&h=280&slotname=1787055170&adk=646328967&adf=4134371643&pi=t.ma~as.1787055170&w=660&fwrn=4&fwrnh=100&lmt=1697543950&rafmt=1&format=660x280&url=https%3A%2F%2Fappurl.io%2Fauw7TFkmL_&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698049206846&bpp=10&bdt=464&idt=253&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&correlator=2240197252143&frm=20&pv=2&ga_vid=2093564061.1698049207&ga_sid=1698049207&ga_hid=1830112199&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=470&ady=590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C42532334%2C44795921%2C44805112%2C44805533%2C44805680%2C44805918%2C44805934%2C31078301%2C44800659&oid=2&pvsid=2489309812890847&tmod=1971440708&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QyKYmY54jp&p=https%3A//appurl.io&dtd=276

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 12:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3923
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Jan 2024 12:45:24 GMT

GET
H2 200 f9452dcf4f221a00d49f3197c484e17d.js
www.gstatic.com/mysidia/ Frame DADB 11 KB
5 KB 132ms
50ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9452dcf4f221a00d49f3197c484e17d.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4599
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 01:21:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:18:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DADB 14 KB
2 KB 118ms
37ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 23 Oct 2023 08:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 07:16:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Oct 2023 08:20:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame DADB 2 KB
859 B 31ms
27ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 00:02:34 GMT

GET
H2 200 abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame DADB 23 KB
9 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 00:02:34 GMT

GET
H2 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame DADB 3 KB
1 KB 34ms
30ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 18:09:01 GMT

GET
H2 200 qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame DADB 20 KB
9 KB 105ms
26ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 00:02:34 GMT

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DADB 187 KB
59 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 08:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Oct 2023 08:20:08 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame DADB 35 KB
15 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:16:14 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame FD95 4 KB
744 B 89ms
38ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 23 Oct 2023 08:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 07:34:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Oct 2023 08:20:08 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FD95 205 B
294 B 77ms
31ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 06:36:48 GMT
x-content-type-options: nosniff
age: 6200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 22 Oct 2024 06:36:48 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FD95 604 B
920 B 76ms
30ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 08:46:37 GMT
x-content-type-options: nosniff
age: 257611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 19 Oct 2024 08:46:37 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame FD95 15 KB
7 KB 104ms
59ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 23:10:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6582
x-xss-protection: 0
server: cafe
etag: 15902073051392820161
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 23:10:47 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame FD95 20 KB
9 KB 74ms
29ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:05:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8598
x-xss-protection: 0
server: cafe
etag: 10300645532664441910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 18:05:56 GMT

GET
H2 200 88cf7d8f92971695aa333eeba8ca195d.js
www.gstatic.com/mysidia/ Frame 8A46 9 KB
4 KB 69ms
27ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 12:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3923
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Jan 2024 12:45:24 GMT

GET
H2 200 f9452dcf4f221a00d49f3197c484e17d.js
www.gstatic.com/mysidia/ Frame 8A46 11 KB
5 KB 96ms
54ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9452dcf4f221a00d49f3197c484e17d.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4599
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 01:21:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:18:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A46 14 KB
1 KB 78ms
39ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 23 Oct 2023 08:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 06:28:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Oct 2023 08:20:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 8A46 2 KB
879 B 91ms
52ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 00:02:34 GMT

GET
H2 200 abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 8A46 23 KB
9 KB 92ms
53ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 00:02:34 GMT

GET
H2 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 8A46 3 KB
1 KB 96ms
57ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 18:09:01 GMT

GET
H2 200 qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 8A46 20 KB
8 KB 75ms
36ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 00:02:34 GMT

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8A46 187 KB
59 KB 128ms
82ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 08:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Oct 2023 08:20:08 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame 8A46 35 KB
15 KB 72ms
34ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:16:14 GMT

GET
H2 200 2071387388487622185
tpc.googlesyndication.com/simgad/ Frame DADB 5 KB
6 KB 35ms
26ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2071387388487622185?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:01:08 GMT
x-content-type-options: nosniff
age: 213540
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5292
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 13:43:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Oct 2024 21:01:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2665 14 KB
1 KB 38ms
36ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 23 Oct 2023 08:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 06:49:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Oct 2023 08:20:08 GMT

GET
H3 200 load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 2665 2 KB
825 B 28ms
28ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 00:02:34 GMT

GET abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 2665 0
0

GET
H3 200 s
googleads.g.doubleclick.net/pagead/drt/ Frame C929 143 B
0 43ms
38ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 07:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 2665 3 KB
0 45ms
42ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 18:09:01 GMT

GET
H3 200 qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 2665 20 KB
0 39ms
36ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 00:02:34 GMT

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2665 187 KB
0 42ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 08:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Oct 2023 08:20:08 GMT

GET ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame 2665 0
0

GET
H3 200 s
googleads.g.doubleclick.net/pagead/drt/ Frame 3392 143 B
0 26ms
25ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 07:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s
googleads.g.doubleclick.net/pagead/drt/ Frame 99BF 0
0 28ms
27ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&h=280&slotname=1787055170&adk=646328967&adf=4134371643&pi=t.ma~as.1787055170&w=660&fwrn=4&fwrnh=100&lmt=1697543950&rafmt=1&format=660x280&url=https%3A%2F%2Fappurl.io%2Fauw7TFkmL_&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698049206846&bpp=10&bdt=464&idt=253&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&correlator=2240197252143&frm=20&pv=2&ga_vid=2093564061.1698049207&ga_sid=1698049207&ga_hid=1830112199&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=470&ady=590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C42532334%2C44795921%2C44805112%2C44805533%2C44805680%2C44805918%2C44805934%2C31078301%2C44800659&oid=2&pvsid=2489309812890847&tmod=1971440708&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QyKYmY54jp&p=https%3A//appurl.io&dtd=276
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 07:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DADB 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET activeview
pagead2.googlesyndication.com/pcs/ Frame DADB 0
0

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfcae6bf0ca22253e333881e0bf7eb42d14057eb00024a5bd19943b04cbb95ec

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f38f88db94a67b5fcc8f90965a6623a509e35cb81b6b252f0c9d7fdd29ff1a88

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2be11b4cf348ebdb13674d8cf0d1938df9c71f0f64fb0fb70fa08ed40830f684

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 434c00e8f522092a173a70f7f6e95747cf8c2b75328bdf76c6ed1e4b2039cbbc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 880cbec4f5672334414f9b979a09ad51f7158c92a694bbabfc8a83538c8e0e2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90d8552964c8e804a6dea1870bfd34d3114389e6c28b725bcdec63808b75c8a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4502e1bffc9155988eeb261ae88885e93211e73cad60005d710ba19ac860b5e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0284492d7ed7c4b3aa4caddde43e07d08cccc51bc25b11c8d20d515d3769d55a

Request headers

Referer
Origin: https://robot.wizlink.eu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: text/plain

GET
DATA 200
OK truncated
/ 92 KB
92 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 254798574aeb4e94ef4b45f271e804f0b63eb45def80468d9af516213ebe13dd

Request headers

Referer
Origin: https://robot.wizlink.eu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: application/x-font-woff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Domain: www.gstatic.com
URL: https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuG5ZYq_8xycJvShdEQiiXXlPPBcOzvN19KPtULTuX1aqQOzbDGm9YX0BP0tHwlw-fUSTk7f1YFJ_DIo5xaSn-K3IASd5m0aBNTgUPC47MzhNGPI2bLq3lprWIN2z8l5Lv5kKMU2IpJRKFx&sai=AMfl-YQGjBD0_NjSA4bmMynUCLa0_Xi358BR2xOJnj0vPq2ecCwlAiQVOLHReSsrLzOy8m_u9ss_s_udhXgWeVDt11cIKzRc5n7UrzyuqrzkAC56Uvoa0cYpiqT1gHsNXdbu8n17chwwcL_MJC1Y&sig=Cg0ArKJSzOoC7XE7nt_GEAE&cid=CAQSSwDICaaN0IXppMAeboyKWYhSJ0JnfkSEkYrwQ7tbrShzK0l3ueWfwxWJMRtnFAIZ1HVB9MyrPkNj_ZOIR9oKORyCcRdPEKRnibLNwhgB&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231018&bin=7&avms=ns&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=646328967&rs=2&la=0&cr=0&vs=2&r=b&rst=1698049207125&ec=1&wmsd=2&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: FR Government (Government) Impots Gouv (Government)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.appurl.io/	1970-01-21 01:16:49	Name: _ga Value: GA1.2.2093564061.1698049207
.appurl.io/	1970-01-20 15:42:15	Name: _gid Value: GA1.2.1977254086.1698049207
.appurl.io/	1970-01-20 15:40:49	Name: _gat Value: 1
.appurl.io/	1970-01-21 00:26:25	Name: cf_clearance Value: K6uiSNHX1Oj5U.v3zvoVgZcxYZ4hU_AGdwyNKe17UWk-1698049206-0-1-da449493.85816766.8d45cb73-0.2.1698049206
.appurl.io/	1970-01-21 01:16:49	Name: _ga_L4PYPET04L Value: GS1.2.1698049206.1.0.1698049206.0.0.0
.doubleclick.net/	1970-01-20 15:40:50	Name: test_cookie Value: CheckForPermission
.appurl.io/	1970-01-21 01:02:25	Name: __gads Value: ID=f81c10ba1d594b77:T=1698049207:RT=1698049207:S=ALNI_MYOQBliVPbXUQrZaRG_RDegidbm_Q
.appurl.io/	1970-01-21 01:02:25	Name: __gpi Value: UID=00000ca0408b15b7:T=1698049207:RT=1698049207:S=ALNI_Mbp079e7ali66pckANdfuMGGnUqTg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appurl.io
code.jquery.com
fonts.googleapis.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
robot.wizlink.eu
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.gstatic.com
2001:4860:4802:34::36
2606:4700:20::681a:ed
2606:4700::6812:acf
2a00:1450:4001:803::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:831::200a
2a04:4e42::649
85.128.138.250
0284492d7ed7c4b3aa4caddde43e07d08cccc51bc25b11c8d20d515d3769d55a
254798574aeb4e94ef4b45f271e804f0b63eb45def80468d9af516213ebe13dd
2be11b4cf348ebdb13674d8cf0d1938df9c71f0f64fb0fb70fa08ed40830f684
3ab011001346bd304410728fefe89a669df4051948f73ff836290fd78c6d6591
434c00e8f522092a173a70f7f6e95747cf8c2b75328bdf76c6ed1e4b2039cbbc
57a484c41d2eda21a624d52faaea57d7c380e64137d456efc943870baffb860c
5e41a7428c89d172ea125c6b0bd7a3e04250d8a949f82a4dd7d8f84586192aa8
7275c9d3e3664554c1a415d72fd8f03862cb4ee051c43bf810ae8b56864fd01b
83b3125e5d4dc104ef156609151808f8a5dcb3ce4b04a688cf32385bef1938f4
880cbec4f5672334414f9b979a09ad51f7158c92a694bbabfc8a83538c8e0e2e
90d8552964c8e804a6dea1870bfd34d3114389e6c28b725bcdec63808b75c8a6
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b5dfbd0e4ddbacabba423425819e239c8ae4d2105b7fcba6df5c824c3ede2809
c4502e1bffc9155988eeb261ae88885e93211e73cad60005d710ba19ac860b5e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfcae6bf0ca22253e333881e0bf7eb42d14057eb00024a5bd19943b04cbb95ec
e0cca353da10587986b5da53a4ed0391880809af5c1101f3047b5fc5e3383742
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a1e8dfe89632088e1ec8147765e5a1faf08f7414ede4c9f3cce701f8b85b2f
f38f88db94a67b5fcc8f90965a6623a509e35cb81b6b252f0c9d7fdd29ff1a88
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8e703adf731c76be52f8ed94756940446a493cfb92f14a5432c33db5b2a7a36
fbfbeba2efbe209c8b67b37fdc325b572d728eb77ce7d1084e25fe15f489e744
fd222b36abfc87a406283b8da0b180e22adeb7e9327ac0a41c6cd5514574b217

robot.wizlink.eu Open in urlscan Pro 85.128.138.250 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

93 %HTTPS

93 %IPv6

12 Domains

14 Subdomains

15 IPs

3 Countries

1062 kBTransfer

3222 kBSize

8 Cookies

12 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

robot.wizlink.eu Open in urlscan Pro
85.128.138.250 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

93 %
HTTPS

93 %
IPv6

12
Domains

14
Subdomains

15
IPs

3
Countries

1062 kB
Transfer

3222 kB
Size

8
Cookies

58 HTTP transactions
10 data transactions